8 matches found
EUVD-2004-2406
Malware in sbrugna...
EUVD-2021-1365
Malware in sbrugna...
Debian DLA-2693-1 : xmlbeans - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2693 advisory. The XML parsers used by XMLBeans did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include the possibility for XML Entity...
GHSA-MW3R-PFMG-XP92 Improper Restriction of Recursive Entity References in Apache XMLBeans
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...
DEBIAN-CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...
CVE-2021-23926
The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0...
CVE-2016-6312
A denial of service vulnerability was found in subversion. The moddontdothat component of the moddavsvn Apache module did not properly protect against exponential XML entity expansion attacks. An attacker with credentials to the webdav repository could send a crafted message that would result in...
CVE-2004-2415
Davenport before 0.9.10 allows attackers to cause a denial of service resource consumption via 1 a very large XML file or 2 entity expansion attacks...