Important: xmlrpc-c
Issue Overview: libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. Considering the tradeoff between the stability of Amazon Linux and the impact of CVE-2023-52425...
SUSE CVE-2013-1753
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request...
PT-2023-33042 · Unknown · Xmlrpc Client
Name of the Vulnerable Software and Affected Versions: xmlrpc Client (affected versions not specified). Description: The issue allows an attacker to force the client to access local files or connect to undesired URLs instead of the intended target server's URL. This is possible by abusing the $metho...
Cross site request forgery (csrf)
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request...
MGASA-2020-0077 Updated xmlrpc packages fix security vulnerability
A flaw was discovered where the XMLRPC client implementation in Apache XMLRPC performed deserialization of the server-side exception serialized in the faultCause attribute of XMLRPC error response messages. A malicious or compromised XMLRPC server could possibly use this flaw to execute arbitrar...
[SECURITY] [DSA 4619-1] libxmlrpc3-java security update
Debian Security Advisory DSA-4619-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 06, 2020 https://www.debian.org/security/faq -...
CentOS Update for xmlrpc-client CESA-2018:1780 centos7
Check the version of xmlrpc-client. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. if(description) { script_oid("1.3.6.1.4.1.25623.1.0.882909");...
Python XMLRPC Client Library Denial of Service Vulnerability
Python is an open source, object-oriented programming language from the Python Software Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A denial of service vulnerability exists in Python 3.4 and earlier versions. An attacker can exploit this...
local file access in `Client:send` via manipulation of `$protocol` argument
security fix: hardened the Client::send method against misuse of the $method argument (issue #81). Abusing its value, it was possible to force the client to access local files or connect to undesired urls instead of the intended target server's url (the one used in the Client constructor). This weakne...
PT-2012-1850 · Moodle · Moodle
Name of the Vulnerable Software and Affected Versions: Moodle versions 1.9.x through 1.9.13; Moodle versions 2.0.x through 2.0.4; Moodle versions 2.1.x through 2.1.1. Description: The issue arises from improper processing of the return value of the openssl_verify function in mnet/xmlrpc/client.php...