5
CVE-2012-2921
- EPSS 1.86%
- Veröffentlicht 21.05.2012 22:55:01
- Zuletzt bearbeitet 16.06.2026 23:42:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUniversal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mark Pilgrim ≫ Feedparser Version <= 5.1.1
Mark Pilgrim ≫ Feedparser Version3.0
Mark Pilgrim ≫ Feedparser Version3.0.1
Mark Pilgrim ≫ Feedparser Version3.1
Mark Pilgrim ≫ Feedparser Version3.2
Mark Pilgrim ≫ Feedparser Version3.3
Mark Pilgrim ≫ Feedparser Version4.0
Mark Pilgrim ≫ Feedparser Version4.0.1
Mark Pilgrim ≫ Feedparser Version4.0.2
Mark Pilgrim ≫ Feedparser Version4.1
Mark Pilgrim ≫ Feedparser Version5.0
Mark Pilgrim ≫ Feedparser Version5.0.1
Mark Pilgrim ≫ Feedparser Version5.1
Mark Pilgrim ≫ Feedparser Version5.1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.86% | 0.765 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
http://freecode.com/projects/feedparser/releases/344371
http://osvdb.org/81701
http://secunia.com/advisories/49256
http://www.mandriva.com/security/advisories?name=MDVSA-2013:118
http://www.securityfocus.com/bid/53654
https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706&r=706
https://code.google.com/p/feedparser/source/detail?r=703&path=/trunk/feedparser/feedparser.py
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157