Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| davenport | davenport | 0.9.7 |
| davenport | davenport | 0.8.0 |
| davenport | davenport | 0.9.8 |
| davenport | davenport | 0.9.0 |
| davenport | davenport | 0.9.6 |
| davenport | davenport | 0.9.9 |
| davenport | davenport | 0.9.5 |