GO-2022-0521 Stack exhaustion from deeply nested XML documents in encoding/xml

Calling Decoder.Skip when parsing a deeply nested XML document can cause a panic due to stack exhaustion...

Denial Of Service (DoS)

silverstripe/framework is vulnerable to denial of service. The vulnerability exist in xml2array function in Convert.php due to quadratic blowup in Convert::xml2array which allows remote attacker to crash the system via crafted XML document...

Quadratic blowup in Convert::xml2array()

Silverstripe silverstripe/framework 4.x until 4.10.9 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...

CVE-2021-41559

Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...

Design/Logic Flaw

Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Convert::xml2array that enables a remote attack via a crafted XML document...

XML Injection in ReportLab

ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color="' followed by arbitrary Python code...

JBossWS vulnerable to uncontrolled recursion

DOMUtils.java in org.jboss.ws:jbossws-common does not properly handle recursion during entity expansion, which allows remote attackers to cause a denial of service memory and CPU consumption via a crafted request containing an XML document with a DOCTYPE declaration and a large number of nested...

Improper Input Validation in Apache Santuario XML Security

Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document...

GHSA-JWWR-FJGH-CV2X Improper Restriction of XML External Entity Reference in Castor

The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted XML document...

Improper Restriction of XML External Entity Reference in Castor

The default configuration for the Xerces SAX Parser in Castor before 1.3.3 allows context-dependent attackers to conduct XML External Entity XXE attacks via a crafted XML document...

CVE-2022-24449

Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document...

Server side request forgery (ssrf)

Solar appScreener through 3.10.4, when a valid license is not present, allows XXE and SSRF attacks via a crafted XML document...

XML External Entity (XXE)

detekt-core is vulnerable to XML external entity attacks. The vulnerability exists in the read function in BaselineFormat.kt due to improper validation which allows an attacker to submit a malicious XML document...

The vulnerability of the `php_wddx_push_element` function in the PHP programming language allows a hacker to trigger a service failure.

The vulnerability of the phpwddxpushelement function ext/wddx/wddx.c in the PHP programming language is caused by buffer overflows. Exploiting this vulnerability can allow an attacker to cause a service failure due to an incorrect logical element in an XML document...

EUVD-2022-32667

When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...

DEBIAN-CVE-2021-44960

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function...

SVG++ 代码问题漏洞

SVG++ Ssvgpp is a C++ framework. The framework includes an SVG syntax parser, adapters for handling parsed data, and various utilities. SVGPP A security vulnerability exists in SVG++ that stems from the XMLDocument::getRoot function in the renderDocument function incorrectly handling the...

Authentication Bypass in github.com/russellhaering/gosaml2

Impact Given a valid SAML Response, it may be possible for an attacker to mutate the XML document in such a way that gosaml2 will trust a different portion of the document than was signed. Depending on the implementation of the Service Provider this enables a variety of attacks, including users...

GLSA-202107-05 : libxml2: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202107-05 libxml2: Multiple vulnerabilities Multiple vulnerabilities have been discovered in libxml2. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to process a...

CVE-2021-46163

Kentico Xperience 13.0.44 allows XSS via an XML document to the Media Libraries subsystem...