Описание
The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XML document. The earliest affected version is 0.8.9.
Ссылки
- Patch
- Patch
- Patch
- Exploit
- Patch
- Patch
- Patch
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.14 (исключая)
cpe:2.3:a:xml_library_project:xml_library:*:*:*:*:*:rust:*:*
EPSS
Процентиль: 27%
0.00096
Низкий
7.5 High
CVSS3
Дефекты
CWE-611
CWE-611
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 2 лет назад
The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XML document. The earliest affected version is 0.8.9.
CVSS3: 7.5
debian
больше 2 лет назад
The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of se ...
CVSS3: 7.5
github
больше 2 лет назад
xml-rs vulnerable to denial of service via invalid token in XML document
EPSS
Процентиль: 27%
0.00096
Низкий
7.5 High
CVSS3
Дефекты
CWE-611
CWE-611