CVE-2012-0876
- EPSS 0.31%
- Veröffentlicht 03.07.2012 19:55:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file wit...
- EPSS 2.83%
- Veröffentlicht 04.12.2009 21:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that ...
- EPSS 1.16%
- Veröffentlicht 03.11.2009 16:30:12
- Zuletzt bearbeitet 09.04.2025 00:30:58
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafte...