Total vulnerabilities in the database
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
| Software | From | Fixed in |
|---|---|---|
| apache / xerces-c++ | 1.5.0 | 1.5.0.x |
| apache / xerces-c++ | 1.6.0 | 1.6.0.x |
| apache / xerces-c++ | 2.0.0 | 2.0.0.x |
| apache / xerces-c++ | 1.7.0 | 1.7.0.x |
| apache / xerces-c++ | 2.6.0 | 2.6.0.x |
| apache / xerces-c++ | 1.1.0 | 1.1.0.x |
| apache / xerces-c++ | 1.0.0 | 1.0.0.x |
| apache / xerces-c++ | 2.5.0 | 2.5.0.x |
| apache / xerces-c++ | 2.4.0 | 2.4.0.x |
| apache / xerces-c++ | 2.2.0 | 2.2.0.x |
| apache / xerces-c++ | 2.7.0 | 2.7.0.x |
| apache / xerces-c++ | 1.3.0 | 1.3.0.x |
| apache / xerces-c++ | 1.2.0 | 1.2.0.x |
| apache / xerces-c++ | 1.4.0 | 1.4.0.x |
| apache / xerces-c++ | 2.1.0 | 2.1.0.x |
| apache / xerces-c++ | 1.0.1 | 1.0.1.x |
| apache / xerces-c++ | - | 2.8.0.x |
| apache / xerces-c++ | 2.3.0 | 2.3.0.x |