CVE-2013-6460

Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*
cpe:2.3:a:nokogiri:nokogiri:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:redhat:cloudforms_management_engine:5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:subscription_asset_manager:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-11-05 15:15

Updated : 2024-02-28 17:28


NVD link : CVE-2013-6460

Mitre link : CVE-2013-6460

CVE.ORG link : CVE-2013-6460


JSON object : View

Products Affected

debian

  • debian_linux

redhat

  • satellite
  • subscription_asset_manager
  • openstack
  • cloudforms_management_engine
  • enterprise_mrg

nokogiri

  • nokogiri
CWE
CWE-776

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')