4 matches found
GHSA-2JX7-XG83-J2M7 Zendframework Denial of Service vector via XEE injection
ZendDom, ZendFeed, ZendSoap, and ZendXmlRpc are vulnerable to XML Entity Expansion XEE vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memo...
Zendframework Denial of Service vector via XEE injection
ZendDom, ZendFeed, ZendSoap, and ZendXmlRpc are vulnerable to XML Entity Expansion XEE vectors, leading to Denial of Service vectors. XEE attacks occur when the XML DOCTYPE declaration includes XML entity definitions that contain either recursive or circular references; this leads to CPU and memo...
XXE Vulnerability
Security: XML filescan in XML-based Readers to prevent XML Entity Expansion XEE see http://projects.webappsec.org/w/page/13247002/XML%20Entity%20Expansion for an explanation of XEE injection attacks...
Denial of Service vector via XEE injection
More info at https://framework.zend.com/security/advisory/ZF2012-02...