Denial of Service Vulnerability in Python XML Libraries Affecting OpenStack and Django
CVE-2013-1664

Currently unrated

Key Information:

Vendor

Openstack
Status
Cinder Folsom
Keystone Essex
Grizzly
Folsom
Vendor
CVE Published:
3 April 2013

What is CVE-2013-1664?

The vulnerability found in the XML libraries used across various Python versions allows remote attackers to exploit XML Entity Expansion (XEE) attacks. This can result in resource consumption that leads to a denial of service, impacting applications leveraging these libraries, including OpenStack components and Django. Affected systems may experience crashes, disrupting availability and performance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.openwall.com/lists/oss-security/2013/02/19/4
mailing-listx_refsource_MLIST
http://lists.openstack.org/pipermail/openstack-announce/2...
mailing-listx_refsource_MLIST
http://rhn.redhat.com/errata/RHSA-2013-0658.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.