4 matches found
EUVD-2022-7316
Malicious code in bioql PyPI...
PT-2024-40083 · Symfony +2 · Symfony +2
Name of the Vulnerable Software and Affected Versions: Symfony versions prior to the latest version Description: The issue concerns XML Entity Expansion XEE attacks, which can lead to Denial Of Service attacks against a host's RAM. This is due to the lack of a method to disable custom entities in...
CLSA-2023-1692817457 Fix CVE(s): CVE-2023-3823, CVE-2023-3824
SECURITY UPDATE: external entity loading in XML without enabling it - debian/patches/CVE-2023-3823.patch: sanitize libxml2 globals before parsing. - CVE-2023-3823 SECURITY UPDATE: buffer mismanagement in phardirread - debian/patches/php-upstream-CVE-2023-3824.patch: fix buffer mismanagement in...
DLA-214-1 libxml-libxml-perl - security update
Bulletin has no description...