libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < * |