libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-04-25T23:00:00

Updated: 2024-08-06T14:25:09.526Z

Reserved: 2012-12-06T00:00:00

Link: CVE-2013-0338

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-04-25T23:55:01.500

Modified: 2024-11-21T01:47:20.213

Link: CVE-2013-0338

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-02-19T00:00:00Z

Links: CVE-2013-0338 - Bugzilla