5 matches found
CVE-2026-12993 Apicurio/apicurio-registry: apicurio-registry: xml entity-expansion denial of service via internal dtd subset
A flaw was found in Apicurio Registry. The DocumentBuilderAccessor correctly blocks external DTD and schema access but does not disable DOCTYPE declarations or enable FEATURESECUREPROCESSING. An attacker with artifact-write permission can upload XML documents with internal entity-expansion payloa...
Astra Linux – Vulnerability in netcdf
A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd, when parsing a crafted XML file, performs incorrect memory handling, resulting in a NULL pointer being dereferenced while running strcmp on a NULL pointer...
The vulnerability of the ezxml_internal_dtd function in the XML document syntax analysis library ezXML allows a attacker to cause a service failure.
The vulnerability of the ezxmlinternaldtd function in the XML document syntax analysis library ezXML is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created XML file...
ezXML 缓冲区错误漏洞
ezXML is a C library for parsing XML documents . An out-of-bounds write vulnerability exists in libezxml.a in ezXML version 0.8.6. The vulnerability stems from a memory handling error performed by the ezxmlinternaldtd function when parsing a specially crafted XML file. An attacker could use this...
UBUNTU-CVE-2021-30485
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd, while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp on a NULL pointer...