exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2021-32796

больше 4 лет назад

xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.

CVSS3: 6.5

EPSS: Низкий

CVE-2021-32796

больше 4 лет назад

CVSS3: 6.5

EPSS: Низкий

CVE-2021-32796

больше 4 лет назад

CVSS3: 6.5

EPSS: Низкий

CVE-2021-32796

больше 4 лет назад

xmldom is an open source pure JavaScript W3C standard-based (XML DOM L ...

CVSS3: 6.5

EPSS: Низкий

GHSA-5fg8-2547-mr8q

больше 4 лет назад

Misinterpretation of malicious XML input

CVSS3: 6.5

EPSS: Низкий

BDU:2022-01661

больше 4 лет назад

Уязвимость реализации XML DOM XMLDOM, связанная с недостатком механизма кодирование или экранирование выходных данных, позволяющая нарушителю оказать воздействие на целостность данных

CVSS3: 5.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-32796 xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.	CVSS3: 6.5	0% Низкий	больше 4 лет назад
CVE-2021-32796 xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.	CVSS3: 6.5	0% Низкий	больше 4 лет назад
CVE-2021-32796 xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround downstream applications can validate the input and reject the maliciously crafted documents.	CVSS3: 6.5	0% Низкий	больше 4 лет назад
CVE-2021-32796 xmldom is an open source pure JavaScript W3C standard-based (XML DOM L ...	CVSS3: 6.5	0% Низкий	больше 4 лет назад
GHSA-5fg8-2547-mr8q Misinterpretation of malicious XML input	CVSS3: 6.5	0% Низкий	больше 4 лет назад
BDU:2022-01661 Уязвимость реализации XML DOM XMLDOM, связанная с недостатком механизма кодирование или экранирование выходных данных, позволяющая нарушителю оказать воздействие на целостность данных	CVSS3: 5.3	0% Низкий	больше 4 лет назад

Уязвимостей на страницу