Denial Of Service (DOS)

Mofh is vulnerable to Denial of Service. The vulnerability is due to improper restriction of XML external entity reference when parsing API call responses. If the apiurl parameter is unchanged, the attacker must penetrate MyOwnFreeHost API responses. Otherwise, the attacker must have access to th...

mofh Vulnerable to Improper Restriction of XML External Entity Reference

The xml.etree.ElementTree module that mofh used up until version 1.0.1 implements a simple and efficient API for parsing and creating XML data. But it makes the application vulnerable to: - Billion Laughs attack: It is a type of denial-of-service attack aimed at XML parsers. It uses multiple leve...

GHSA-7R9X-QRPR-3CXW mofh Vulnerable to Improper Restriction of XML External Entity Reference

The xml.etree.ElementTree module that mofh used up until version 1.0.1 implements a simple and efficient API for parsing and creating XML data. But it makes the application vulnerable to: - Billion Laughs attack: It is a type of denial-of-service attack aimed at XML parsers. It uses multiple leve...

PT-2022-28213 · Python · Xml.Etree.Elementtree

Name of the Vulnerable Software and Affected Versions: mofh versions prior to 1.0.1 Description: The issue affects the xml.etree.ElementTree module, making the application susceptible to denial-of-service attacks, specifically the Billion Laughs attack and the Quadratic blowup attack. These attac...