CVE-2012-2921

Universal Feed Parser (aka feedparser or python-feedparser) before 5.1.2 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML ENTITY declaration in a non-ASCII encoded document.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
VendorProductVersion
mark_pilgrimfeedparser
𝑥
≤ 5.1.1
mark_pilgrimfeedparser
3.0
mark_pilgrimfeedparser
3.0.1
mark_pilgrimfeedparser
3.1
mark_pilgrimfeedparser
3.2
mark_pilgrimfeedparser
3.3
mark_pilgrimfeedparser
4.0
mark_pilgrimfeedparser
4.0.1
mark_pilgrimfeedparser
4.0.2
mark_pilgrimfeedparser
4.1
mark_pilgrimfeedparser
5.0
mark_pilgrimfeedparser
5.0.1
mark_pilgrimfeedparser
5.1
mark_pilgrimfeedparser
5.1.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
feedparser
bullseye
5.2.1-3
fixed
squeeze
no-dsa
bookworm
6.0.10-1
fixed
sid
6.0.11-2
fixed
trixie
6.0.11-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
feedparser
saucy
Fixed 5.1-0ubuntu4
released
raring
Fixed 5.1-0ubuntu4
released
quantal
Fixed 5.1-0ubuntu4
released
precise
Fixed 5.1-0ubuntu3.1
released
oneiric
ignored
natty
ignored
lucid
ignored
hardy
ignored
Common Weakness Enumeration
References
http://freecode.com/projects/feedparser/releases/344371
http://osvdb.org/81701
http://secunia.com/advisories/49256
http://www.mandriva.com/security/advisories?name=MDVSA-2013:118
http://www.securityfocus.com/bid/53654
https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706&r=706
https://code.google.com/p/feedparser/source/detail?r=703&path=/trunk/feedparser/feedparser.py
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157
http://freecode.com/projects/feedparser/releases/344371
http://osvdb.org/81701
http://secunia.com/advisories/49256
http://www.mandriva.com/security/advisories?name=MDVSA-2013:118
http://www.securityfocus.com/bid/53654
https://code.google.com/p/feedparser/source/browse/trunk/NEWS?spec=svn706&r=706
https://code.google.com/p/feedparser/source/detail?r=703&path=/trunk/feedparser/feedparser.py
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0157