CVE-2021-40511

High

OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.

mitre·CWE-776·Published 2022-06-21

CVSS

7.5

EPSS

0.01

KEV

Exploits

cve.orgen

120 chars

OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.

NVDen

120 chars

OBDA systems’ Mastro 1.0 is vulnerable to XML Entity Expansion (aka “billion laughs”) attack allowing denial of service.

NVDes

162 chars

Mastro 1.0 de OBDA systems es vulnerable a un ataque de tipo XML Entity Expansion (también se conoce como "billion laughs") que permite una denegación de servicio

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H