DoS vulnerability in XML/src/xmlparse.cpp #4123

the-Chain-Warden-thresh · 2023-08-24T13:02:21Z

Version

latest on branch devel

Poco uses libexpat to parse XML file. However, I've found that Poco doesn't fix a vulnerability in libexpat, i.e. CVE-2009-3560, which may cause a buffer over-read, and then results in a denial of service (application crash).
Specifically, next = end; ( line 3835 in XML/src/xmlparse.cpp ) should be removed to fix this vulnerability. You can check infomation and patch of this CVE for further confirmation:
Description of CVE-2009-3560: https://nvd.nist.gov/vuln/detail/https://nvd.nist.gov/vuln/detail/CVE-2009-3560[2009-3720](https://nvd.nist.gov/vuln/detail/CVE-2009-3720)
Patch commit of CVE-2009-3720: libexpat/libexpat@82d4951

The text was updated successfully, but these errors were encountered:

obiltschnig · 2023-08-24T14:06:23Z

This has not been fixed in upstream libexpat either, so we're waiting for an upstream fix.

aleks-f added the third-party label Nov 23, 2023

matejk added this to the Release 1.14.0 milestone Sep 12, 2024

matejk added this to 1.14 Sep 12, 2024

matejk self-assigned this Sep 12, 2024

matejk mentioned this issue Sep 12, 2024

Bundled expat version 2.6.3 #4683

Merged

matejk added the security label Sep 12, 2024

matejk moved this to In Progress in 1.14 Sep 12, 2024

obiltschnig closed this as completed in #4683 Sep 25, 2024

github-project-automation bot moved this from In Progress to Done in 1.14 Sep 25, 2024