Page 9 of 81 results (0.002 seconds)
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1564 – libxml2: billion laughs DoS attack
https://notcve.org/view.php?id=CVE-2003-1564
31 Dec 2003 — libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack." • http://mail.gnome.org/archives/xml/2008-August/msg00034.html • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •