VDB

CVE-2012-0880

CVE-2012-0880 PUBLISHED

Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.

EPSS 1.69% · 82.6th percentile

Risk Scores

EPSS Score
1.69%
82.6th percentile

Affected Products

VendorProductVersions
Ubuntu:24.04:LTSxerces-c0, *, 3.2.4+debian-1.2ubuntu2
Ubuntu:Pro:16.04:LTSxerces-c3.1.2+debian-1, 0, *
Ubuntu:Pro:22.04:LTSxerces-c3.2.3+debian-3build1, 0, 3.2.3+debian-3
Ubuntu:Pro:14.04:LTSxerces-c3.1.1-5.1+deb8u3build0.14.04.1, 3.1.1-5.1+deb8u2build0.14.04.1, 3.1.1-3
Ubuntu:25.10xerces-c3.2.4+debian-1.3build1, 0
Ubuntu:20.04:LTSxerces-c3.2.2+debian-1build1, *, *
Ubuntu:Pro:18.04:LTSxerces-c3.2.0+debian-2ubuntu0.1~esm1, *, 0

Timeline

  • Aug 8, 2017 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›