apache/xerces-c: The latest CVE Vulnerabilities and Exploits for Penetration Test
apache/xerces-c Vulnerability Summary Vendor name: apache Product name: xerces-c Total vulnerabilities: 10 (as 2023-05-04) apache/xerces-c Vulnerability List CVE-2018-1311: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during… Published: 2019-12-18T20:15:00 Last Modified: 2022-02-07T16:15:00
Summary
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing.