Количество 17
Количество 17
CVE-2018-1311
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.
CVE-2018-1311
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.
CVE-2018-1311
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.
CVE-2018-1311
CVE-2018-1311
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-fre ...
openSUSE-SU-2021:2958-1
Security update for xerces-c
openSUSE-SU-2021:1231-1
Security update for xerces-c
SUSE-SU-2024:0320-1
Security update for xerces-c
SUSE-SU-2024:0300-1
Security update for xerces-c
SUSE-SU-2024:0299-1
Security update for xerces-c
SUSE-SU-2021:2958-1
Security update for xerces-c
SUSE-SU-2021:2944-1
Security update for xerces-c
SUSE-SU-2021:2920-1
Security update for xerces-c
GHSA-7rpp-hwhj-9hv8
The Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.
ELSA-2020-0704
ELSA-2020-0704: xerces-c security update (IMPORTANT)
ELSA-2020-0702
ELSA-2020-0702: xerces-c security update (IMPORTANT)
BDU:2021-03489
Уязвимость библиотеки для работы с XML Xerces-C, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1311 The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. | CVSS3: 8.1 | 4% Низкий | около 6 лет назад |
 | CVE-2018-1311 The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. | CVSS3: 8.1 | 4% Низкий | около 6 лет назад |
 | CVE-2018-1311 The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. | CVSS3: 8.1 | 4% Низкий | около 6 лет назад |
 | CVSS3: 8.1 | 4% Низкий | почти 4 года назад | |
| CVE-2018-1311 The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-fre ... | CVSS3: 8.1 | 4% Низкий | около 6 лет назад |
 | openSUSE-SU-2021:2958-1 Security update for xerces-c | 4% Низкий | больше 4 лет назад | |
| openSUSE-SU-2021:1231-1 Security update for xerces-c | 4% Низкий | больше 4 лет назад | |
| SUSE-SU-2024:0320-1 Security update for xerces-c | 4% Низкий | около 2 лет назад | |
| SUSE-SU-2024:0300-1 Security update for xerces-c | 4% Низкий | около 2 лет назад | |
| SUSE-SU-2024:0299-1 Security update for xerces-c | 4% Низкий | около 2 лет назад | |
| SUSE-SU-2021:2958-1 Security update for xerces-c | 4% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:2944-1 Security update for xerces-c | 4% Низкий | больше 4 лет назад | |
| SUSE-SU-2021:2920-1 Security update for xerces-c | 4% Низкий | больше 4 лет назад | |
| GHSA-7rpp-hwhj-9hv8 The Apache Xerces-C 3.0.0 to 3.2.2 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. | CVSS3: 8.1 | 4% Низкий | больше 3 лет назад |
| ELSA-2020-0704 ELSA-2020-0704: xerces-c security update (IMPORTANT) | почти 6 лет назад | ||
| ELSA-2020-0702 ELSA-2020-0702: xerces-c security update (IMPORTANT) | почти 6 лет назад | ||
 | BDU:2021-03489 Уязвимость библиотеки для работы с XML Xerces-C, связанная с использованием памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании | CVSS3: 8.1 | 4% Низкий | около 6 лет назад |
Уязвимостей на страницу