CVE-2019-5442 in Pippo정보

요약

\~에 의해 MITRE

XML Entity Expansion (Billion Laughs Attack) on Pippo 1.12.0 results in Denial of Service.Entities are created recursively and large amounts of heap memory is taken. Eventually, the JVM process will run out of memory. Otherwise, if the OS does not bound the memory on that process, memory will continue to be exhausted and will affect other processes on the system.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2019. 01. 04.

모더레이션

수락

항목

VDB-136430

CPE

준비됨

CWE

CWE-400 (확인됨)

CVSS

7.5 (NVD)

EPSS

0.00334

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2019-5442
NVD	https://nvd.nist.gov/vuln/detail/CVE-2019-5442
CVE Details	https://www.cvedetails.com/cve/CVE-2019-5442/

◂ 이전 개요 다음 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!