Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:26654
HistorySep 07, 2020 - 10:52 a.m.

Denial Of Service (DoS)

2020-09-0710:52:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
github.com/antchfx/xmlquery
vulnerability
denial of service
url response validation
application crash
software

EPSS

0.005

Percentile

75.3%

JSON

github.com/antchfx/xmlquery is vulnerable to denial of service (DoS) attacks. The vulnerability exists because the LoadURL function in node.go fails to properly validate the type/format of incoming responses from URL before parsing and proceeding to the next process, allowing an attacker to pass URL with malicious string to cause an application crash.

Related

github 1
prion 1
osv 3
nvd 1
gitlab 1
cvelist 1
cve 1
debiancve 1
ubuntucve 1
github
github
xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service
2022-10-07 07:20:03
prion
prion
Format string
2020-09-16 15:15:00
osv
osv
xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service
2022-10-07 07:20:03
Denial of service in github.com/antchfx/xmlquery
2021-04-14 20:04:52
CVE-2020-25614
2020-09-16 15:15:12
nvd
nvd
CVE-2020-25614
2020-09-16 15:15:12
gitlab
gitlab
Improper Input Validation
2020-09-16 00:00:00
cvelist
cvelist
CVE-2020-25614
2020-09-16 14:41:08
cve
cve
CVE-2020-25614
2020-09-16 15:15:12
debiancve
debiancve
CVE-2020-25614
2020-09-16 15:15:12
ubuntucve
ubuntucve
CVE-2020-25614
2020-09-16 00:00:00

EPSS

0.005

Percentile

75.3%

JSON
Related for VERACODE:26654
github1prion1osv3nvd1gitlab1cvelist1cve1debiancve1ubuntucve1