Required CVE Record Information
Description
SOAPpy 0.12.5 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted SOAP request containing a large number of nested entity references.
References 5 Total
- seclists.org: 20140506 CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities mailing-list
- openwall.com: [oss-security] 20140506 CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities mailing-list
- http://www.pnigos.com/?p=260
- securityfocus.com: 67216 vdb-entry
- openwall.com: [oss-security] 20140506 Re: CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- seclists.org: 20140506 CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities mailing-listx_transferred
- openwall.com: [oss-security] 20140506 CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities mailing-listx_transferred
- http://www.pnigos.com/?p=260 x_transferred
- securityfocus.com: 67216 vdb-entryx_transferred
- openwall.com: [oss-security] 20140506 Re: CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities mailing-listx_transferred