Description

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Remediation

References

CVE-2018-20843

Related Vulnerabilities

WordPress Plugin WooCommerce Affiliate-Coupon Affiliates Cross-Site Request Forgery (4.11.3.3)

MySQL Other Vulnerability (CVE-2000-0148)

WordPress Plugin Events Manager Cross-Site Scripting (5.8.1.1)

WordPress Plugin FoxyPress 'uploadify.php' Arbitrary File Upload (0.4.2.1)

WordPress Plugin wpForo Forum Multiple Vulnerabilities (2.1.7)

Severity

High

Classification

CVE-2018-20843 CWE-611 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities