9 matches found
The vulnerability in the LlamaIndex framework for working with large language models (LLMs) lies in the improper restriction of recursive references to entities in the DTD. This allows attackers to trigger a service failure.
The vulnerability of the LlamaIndex framework for working with large language models is related to an improper limitation on recursive references to entities in the DTD. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Overview: rexml is an XML toolkit for Ruby. Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') via tree parser APIs such as the REXML::Document.new function. An attacker can cause the application to consume excessive...
The vulnerability of the libexpat XML file analysis library lies in the improper restriction on recursive references to objects in DTDs, which allows attackers to trigger a service failure.
The vulnerability of the libexpat library for analyzing XML files is related to improper restrictions on recursive references to objects in DTDs. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the ClamAV antivirus program lies in the improper restriction of recursive references to objects in the DTDs, which allows a hacker to gain access to confidential information.
The vulnerability in the ClamAV scanning library relates to the possibility of replacing the XML payload, which may lead to the insertion of an external payload. Exploiting this vulnerability allows a malicious actor to send specially created XML code to the antivirus software and to read bytes...
GHSA-74FP-R6JW-H4MP Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON or YAML parsing
CVE-2019-11253 is a denial of service vulnerability in the kube-apiserver, allowing authorized users sending malicious YAML or JSON payloads to cause kube-apiserver to consume excessive CPU or memory, potentially crashing and becoming unavailable. When creating a ConfigMap object which has...
pcre: infinite recursion compiling pattern with recursive reference in a group with indefinite repeat (8.36/20)
PCRE before 8.36 mishandles the /?Ra|?1+/ pattern and related patterns with certain recursion, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object...
DEBIAN-CVE-2015-2327
PCRE before 8.36 mishandles the /a\2|a\g/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...
CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image...
DEBIAN-CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service (infinite loop) via recursive IFD references in the EXIF data in a JPEG image...