Vulnerabilidades en NaturalIntelligence
11 resultadosCVE-2023-34104HIGHRegex Injection via Doctype EntitiesEPSS 1.1%CVE-2024-41818HIGHReDOS at currency parsing fast-xml-parserEPSS 0.8%CVE-2026-26278HIGHfast-xml-parser affected by DoS through entity expansion in DOCTYPE (no expansion limit)EPSS 0.6%CVE-2026-33036HIGHfast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)EPSS 0.6%CVE-2026-25128HIGHfast-xml-parser has RangeError DoS Numeric Entities BugEPSS 0.6%CVE-2026-27942LOWfast-xml-parser has stack overflow in XMLBuilder with preserveOrderEPSS 0.5%CVE-2026-33349MEDIUMfast-xml-parser: Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy EvaluationEPSS 0.4%CVE-2026-25896CRITICALfast-xml-parser has an entity encoding bypass via regex injection in DOCTYPE entity namesEPSS 0.4%CVE-2026-41650MEDIUMfast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped DelimitersEPSS 0.2%CVE-2026-44665MEDIUMfast-xml-builder: Attribute values with unwanted quotes can bypass malicious or unwanted attributesEPSS 0.2%CVE-2026-44664MEDIUMfast-xml-builder: Comment Value bypass regexEPSS 0.2%