VDB
GCVE-110-MAGEIA-2016-101
GCVE-110-MAGEIA-2016-101
Advisory Published
exempi contains code to protect against a denial-service-attack
related to XML entity expansion ("billion laughs attack"), but it was
not compiled into the Mageia package because BanAllEntityUsage was not
defined when the package was compiled.
This has been corrected by recompiling it with the BanAllEntityUsage
macro defined. The exiv2 package contains a bundled copy of the same
code and has also been recompiled with the macro defined.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | exiv2 | 0 (affected), 0.24-5.1.mga5 (unaffected), 0 (affected), 0.24-5.1.mga5 (unaffected) | — |
| Mageia | drakx-net | 0 (affected), 2.24.2-1.mga5 (unaffected) | — |
| Mageia | exempi | 0 (affected), 2.2.2-14.1.mga5 (unaffected), 0 (affected), 2.2.2-14.1.mga5 (unaffected) | — |
References
Browse GCVE Records
73,053 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.