Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Stack Buffer Overflow in Woodstox
Vulnerability Description
Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
栈缓冲区溢出
Vulnerability Title
XStream 缓冲区错误漏洞
Vulnerability Description
XStream是XStream团队的一个轻量级的、简单易用的开源Java类库,它主要用于将对象序列化成XML(JSON)或反序列化为对象。 XStream存在缓冲区错误漏洞,该漏洞源于用户使用其序列化XML数据时,如果解析器是在用户提供的输入上运行的,攻击者可能提供能够利用栈溢出实现让解析器崩溃的内容导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A