This repository has been archived by the owner on Nov 6, 2020. It is now read-only.
CVE-2018-20843 (High) detected in expat-expat-2.2.1 #18
Security vulnerability detected by WhiteSource
CVE-2018-20843 - High Severity Vulnerability
Vulnerable Library - expat-expat-2.2.1
Fast XML parser library in C
Library home page: https://sourceforge.net/projects/expat/
Found in HEAD commit: 0b8ca0156130fe8d67f2fdd42af9d2f264587034
Library Source Files (17)
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
Vulnerability Details
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
Publish Date: 2019-06-24
URL: CVE-2018-20843
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
Release Date: 2019-06-24
Fix Resolution: 2.2.7