« List of all CVEs

CVE-2012-0876

Published: 7/3/2012 Last updated: 8/6/2024 Reserved: 1/19/2012

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (11)

conf-expat conf-gtk2 conf-gtk3 conf-python-2-7 conf-python-2-7-dev conf-python-3 conf-python-3-7 conf-python-3-dev ocaml-expat py termbox

Products affected (1)

Product	Vendor	Version
n/a	n/a	24.0 ap377485

References (44)