Description

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

Remediation

References

CVE-2017-9233

Related Vulnerabilities

Joomla! Core 1.5.x Cross-Site Scripting (1.5.0 - 1.5.11)

WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Security Bypass (9.6.1)

WordPress Plugin WP SVG Icons Multiple Unspecified Vulnerabilities (3.1.8.1)

WordPress Plugin Advanced AJAX Page Loader Cross-Site Request Forgery (2.7.7)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3727)

Severity

High

Classification

CVE-2017-9233 CWE-611 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities