All vulnerabilities
7 / 7
Sort
7.5
CVE-2009-1955DEB
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.…
2009-01-01Pre-auth
EPSS53.3%
pct 98
7.6
CVE-2017-18640DEB
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a r…
2017-01-01Pre-auth
EPSS26.7%
pct 97
7.5
CVE-2018-11761DEB
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They…
2018-01-01Pre-auth
EPSS9.6%
pct 94
7.5
CVE-2019-12401DEB
Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resou…
2019-01-01Pre-auth
EPSS7.5%
pct 93
6.5
CVE-2008-3281DEB
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an att…
2008-01-01Pre-auth
EPSS2.5%
pct 82
7.5
CVE-2024-28757ANC
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of exte…
2024-01-01Pre-auth
EPSS2.0%
pct 78
6.5
CVE-2003-1564CVE
libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, whi…
2003-01-01Pre-auth
EPSS1.6%
pct 72
Select a vulnerability on the left to open the preview.