Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:20543
HistoryJun 13, 2019 - 7:17 a.m.

Denial Of Service (DoS)

2019-06-1307:17:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

EPSS

0.001

Percentile

45.3%

Pippo Content Type Parent is vulnerable to denial of service. Pippo unsafely parses user provided XML as it allows user to provide DTD. The attacker thus could craft a malicious input to trigger a billion laughs attack, crashing the system.

EPSS

0.001

Percentile

45.3%