Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Davenport | Davenport | 0.8.0 (including) | 0.8.0 (including) |
Davenport | Davenport | 0.9.0 (including) | 0.9.0 (including) |
Davenport | Davenport | 0.9.5 (including) | 0.9.5 (including) |
Davenport | Davenport | 0.9.6 (including) | 0.9.6 (including) |
Davenport | Davenport | 0.9.7 (including) | 0.9.7 (including) |
Davenport | Davenport | 0.9.8 (including) | 0.9.8 (including) |
Davenport | Davenport | 0.9.9 (including) | 0.9.9 (including) |