CVE-2018-20843

Published: Jun 24, 2019Modified: May 30, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Affected (19)

Products: Libexpat Project: Libexpat · Canonical: Ubuntu Linux · Debian: Debian Linux · +4 more

Show all products

Libexpat Project: Libexpat · Canonical: Ubuntu Linux · Debian: Debian Linux · Fedoraproject: Fedora · Opensuse: Leap · Oracle: Hospitality Res 3700, Http Server, Outside In Technology · Tenable: Nessus

1 product

1 product

1 product

1 product

1 product

3 products

Outside In Technology

Tenable

1 product

Nessus

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Libexpat Project Libexpat	Before 2.2.7

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 18.10
Canonical Ubuntu Linux	Version 19.04

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 29
Fedoraproject Fedora	Version 30

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0
Opensuse Leap	Version 15.1

Configuration F

5 vulnerable

Vulnerable Software	Affected Versions
Oracle Hospitality Res 3700	From 5.7 to 5.7.6
Oracle Http Server	Version 12.1.3.0
Oracle Http Server	Version 12.2.1.4.0
Oracle Outside In Technology	Version 8.5.4
Oracle Outside In Technology	Version 8.5.5

Configuration G

1 vulnerable

Vulnerable Software	Affected Versions
Tenable Nessus	Before 8.15.0

Related CWEs

CWE-611

Improper Restriction of XML External Entity Reference

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

References (42)

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226

Source: cve@mitre.org

Issue TrackingThird Party Advisory

https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes

Source: cve@mitre.org

Release NotesThird Party Advisory

https://github.com/libexpat/libexpat/issues/186

Source: cve@mitre.org

Issue TrackingPatchThird Party Advisory

https://github.com/libexpat/libexpat/pull/262

Source: cve@mitre.org

ExploitPatchThird Party Advisory

https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6

Source: cve@mitre.org

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/

Source: cve@mitre.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/

Source: cve@mitre.org

https://seclists.org/bugtraq/2019/Jun/39

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201911-08

Source: cve@mitre.org

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190703-0001/

Source: cve@mitre.org

Third Party Advisory

https://support.f5.com/csp/article/K51011533

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4040-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4040-2/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4472

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.html

Source: cve@mitre.org

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuapr2020.html

Source: cve@mitre.org

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuoct2020.html

Source: cve@mitre.org

PatchThird Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Source: cve@mitre.org

PatchThird Party Advisory

https://www.tenable.com/security/tns-2021-11

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html