CPE-1BE0ADBC-A326-470E-B5CB-1A844578921A Détail

CPE Details

Apache Software Foundation Xerces-C++ 3.0.1

Vendor

apache

Product

xerces-c\+\+

Version

3.0.1

Created

2018-04-19
09h47 +00:00

Modifié

2023-02-05
20h10 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:apache:xerces-c\+\+:3.0.1:::::::*

Informations

Vendor

apache

Product

xerces-c\+\+

Version

3.0.1

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2024-23807	2024-02-28 13h50 +00:00	The Apache Xerces C++ XML parser on versions 3.0.0 before 3.2.5 contains a use-after-free error triggered during the scanning of external DTDs. Users are recommended to upgrade to version 3.2.5 which fixes the issue, or mitigate the issue by disabling DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable. This issue has been disclosed before as CVE-2018-1311, but unfortunately that advisory incorrectly stated the issue would be fixed in version 3.2.3 or 3.2.4.	9.8	Critique
CVE-2018-1311	2019-12-17 23h00 +00:00	The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.	8.1	Haute
CVE-2017-12627	2018-03-01 14h00 +00:00	In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.	9.8	Critique
CVE-2016-4463	2016-07-08 17h00 +00:00	Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.	7.5	Haute
CVE-2016-2099	2016-05-13 12h00 +00:00	Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.	9.8	Critique
CVE-2015-0252	2015-03-24 16h00 +00:00	internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.	5

Apache Software Foundation Xerces-C++ 3.0.1

CPE Details

CPE Name: cpe:2.3:a:apache:xerces-c\+\+:3.0.1:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:apache:xerces-c\+\+:3.0.1:::::::*