47 matches found
CVE-2013-1821
CVE-2013-1821 is an XML Entity Expansion (XEE) denial-of-service vulnerability in the REXML parser of Ruby. The provided sources confirm affected Ruby/REXML configurations across multiple lines: Ruby before 1.9.3-p392 (initial description) and extended references indicate the issue affects 1.9.x ...
CVE-2013-1664
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
CVE-2013-1664
The CVE-2013-1664 issue concerns the Python XML libraries (used by OpenStack components: Keystone Essex/Folsom/Grizzly, Nova Essex/Folsom, Cinder Folsom, Django, and possibly other products) that allow remote attackers to trigger a denial-of-service via XML Entity Expansion (XEE). The root cause ...
CVE-2013-1664
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
CVE-2013-1664
The XML libraries for Python 3.4, 3.3, 3.2, 3.1, 2.7, and 2.6, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML...
CVE-2013-1821
lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service memory consumption and crash via crafted text nodes in an XML document, aka an XML Entity Expansion XEE attack...
CVE-2012-6532
CVE-2012-6532 affects Zend Framework 1.x: Zend_Dom, Zend_Feed, Zend_Soap, and Zend_XmlRpc before 1.11.13 and 1.12.x before 1.12.0. It allows remote attackers to cause a denial of service via XML Entity Expansion (XEE) caused by recursive or circular references in a DOCTYPE declaration. The vulner...