Apache » Xerces-c++ : Security Vulnerabilities, CVEs, (Denial of service)
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
Max CVSS
7.5
EPSS Score
0.75%
Published
2016-07-08
Updated
2023-02-12
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
Max CVSS
5.0
EPSS Score
4.06%
Published
2015-03-24
Updated
2023-02-05
Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.
Max CVSS
7.8
EPSS Score
0.09%
Published
2017-08-08
Updated
2017-08-18
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework.
Max CVSS
4.3
EPSS Score
0.13%
Published
2009-08-11
Updated
2017-08-17
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
Max CVSS
7.8
EPSS Score
0.27%
Published
2008-10-08
Updated
2017-08-08
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document.
Max CVSS
5.0
EPSS Score
1.09%
Published
2004-12-31
Updated
2017-07-11
6 vulnerabilities found