9 matches found
EUVD-2019-0543
Malware in sbrugna...
CVE-2019-5442
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...
GHSA-HWCX-9P4J-7HWJ XML Entity Expansion in Pippo
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...
XML Entity Expansion in Pippo
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...
CVE-2019-5442
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...
Input validation
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...
CVE-2019-5442
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...
CVE-2019-5442
CVE-2019-5442 describes an XML Entity Expansion (Billion Laughs) vulnerability in Pippo 1.12.0 where untrusted XML parsing can trigger recursive entities via a DTD, causing DoS through excessive heap memory consumption and potential JVM memory exhaustion. Connected records confirm Pippo 1.12.0 as...
CVE-2019-5442
XML Entity Expansion Billion Laughs Attack on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will...