Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2014-5265

Опубликовано: 18 авг. 2014
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5

Описание

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

7.32-1
bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-apps/xenial

not-affected

7.32-1
esm-infra-legacy/trusty

needed

esm-infra/focal

DNE

focal

DNE

jammy

DNE

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

not-affected

3.9.2+dfsg-1
cosmic

not-affected

3.9.2+dfsg-1
devel

not-affected

3.9.2+dfsg-1
disco

not-affected

3.9.2+dfsg-1
esm-apps/bionic

not-affected

3.9.2+dfsg-1
esm-apps/focal

not-affected

3.9.2+dfsg-1
esm-apps/jammy

not-affected

3.9.2+dfsg-1
esm-apps/noble

not-affected

3.9.2+dfsg-1
esm-apps/xenial

not-affected

3.9.2+dfsg-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 91%
0.07017
Низкий

5 Medium

CVSS2

Связанные уязвимости

nvd логотип

CVE-2014-5265

nvd
почти 11 лет назад

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

debian логотип

CVE-2014-5265

debian
почти 11 лет назад

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 a ...

github логотип

GHSA-94p2-4f88-99g7

github
около 3 лет назад

The Incutio XML-RPC (IXR) Library, as used in WordPress before 3.9.2 and Drupal 6.x before 6.33 and 7.x before 7.31, permits entity declarations without considering recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

EPSS

Процентиль: 91%
0.07017
Низкий

5 Medium

CVSS2