Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs (CWE-776). In addition, depending on the libexpat version used, it may also allow injections using XML External Entity References (CWE-611).
CVSS Information
N/A
Vulnerability Type
DTD中递归实体索引的不恰当限制(XML实体扩展)
Vulnerability Title
Prosodical Thoughts Prosody安全漏洞
Vulnerability Description
Prosodical Thoughts Prosody是Prosodical Thoughts开源的一个应用系统。一个现代XMPP通信服务器。 Prosodical Thoughts Prosody 存在安全漏洞,该漏洞是由于对不受信任的 XML 数据的不正确验证而存在的。远程攻击者可以向受影响的服务器发送特制数据并执行拒绝服务 (DoS) 攻击。该漏洞允许远程攻击者执行拒绝服务 (DoS) 攻击。
CVSS Information
N/A
Vulnerability Type
N/A