Description
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
Remediation
References
Related Vulnerabilities
WordPress 6.5 Cross-Site Scripting (6.5)
PHP Other Vulnerability (CVE-2016-4343)
Joomla! Core 1.7.x Information Disclosure (1.7.0 - 1.7.3)
Oracle Database Server CVE-2008-2600 Vulnerability (CVE-2008-2600)
WordPress Plugin DethemeKit For Elementor Multiple Cross-Site Scripting Vulnerabilities (1.5.5.4)