CVE-2019-20201
MEDIUM WAF: Medium
CVSS 6.5
Published: 2019-12-31
CWE-400
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur.
WAF Coverage Analysis
Uncontrolled Resource Consumption
Medium WAF Coverage
OWASP: A05:2021 Security Misconfiguration
912xxx - DOS Protection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| ezxml_project | ezxml | 0.8.3 - 0.8.6 |
References
- sourceforge.net (Exploit, Issue Tracking, Third Party Advisory)