mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-26 22:06:35 +01:00
d4460393ce
Signed-off-by: David Spencer <idlemoor@slackbuilds.org>
7 lines
526 B
Text
7 lines
526 B
Text
The results of an attack on a vulnerable XML library can be fairly dramatic.
|
|
With just a few hundred Bytes of XML data an attacker can occupy several
|
|
Gigabytes of memory within seconds. An attacker can also keep CPUs busy for a
|
|
long time with a small to medium size request. Under some circumstances it is
|
|
even possible to access local files on your server, to circumvent a firewall,
|
|
or to abuse services to rebound attacks to third parties. This library allows
|
|
for XML to be parsed in a manner that avoids these pitfalls.
|