漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection
Vulnerability Description
`xml.parsers.expat` and `xml.etree.ElementTree` use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch.
CVSS Information
N/A
Vulnerability Type
信息熵不充分
Vulnerability Title
CPython 安全特征问题漏洞
Vulnerability Description
CPython是Python基金会的一个用C语言实现的Python解释器。 CPython存在安全特征问题漏洞,该漏洞源于Expat哈希洪水保护使用不足的熵,可能导致特制XML文档触发哈希洪水。
CVSS Information
N/A
Vulnerability Type
N/A