An open API service providing security vulnerability metadata for many open source software ecosystems.
CakePHP vulnerable to Denial of Service attack through XML payloads
RequestHandlerComponent had a vulnerability that would allow well crafted requests to create a denial of service attack. RequestHandlerComponent leverages
Xml::build() which allows reading local files. We recommend that all applications using RequestHandlerComponent upgrade, or disable parsing XML payloads.
Source: GitHub Advisory Database
Published: 15 days ago
Updated: 15 days ago
Fixed in: 2.6.6, 2.5.90, 2.4.99, 2.3.99, 2.2.99, 2.1.99, 2.0.99, 3.0.6