Libxml2-expand-local-entities
The libxml2 parser is configured to process entities. Without other options such as processing DTDs or accessing remote entities from the network, it should not pose a risk except for memory exhaustion.
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-611: Improper Restriction of XML External Entity Reference
OWASP:
- A04:2017 - XML External Entities (XXE)
- A05:2021 - Security Misconfiguration
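
The memory-exhaustion risk named in the description comes from nested internal entities, whose expanded size multiplies at each level once entity substitution (libxml2's `XML_PARSE_NOENT` option) is enabled. The following is an added example, not code from libxml2 or from this rule: it computes the fully expanded size of a set of internal entity definitions without performing the expansion, so a document can be checked against a byte budget first. The struct, function names and sample entities are hypothetical, and it assumes entities are declared before they are referenced.

```c
#include <stdint.h>
#include <string.h>

/* One internal entity declaration already extracted from the DTD
 * (hypothetical struct; names and sample data are constructed). */
struct entity { const char *name; const char *value; };

/* Constructed sample: each level references the previous one ten times. */
static const struct entity SAMPLE[] = {
    {"a", "0123456789"},
    {"b", "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;"},
    {"c", "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;"},
};

/* Saturating add, so the estimate itself cannot wrap around. */
static uint64_t sat_add(uint64_t a, uint64_t b) {
    return (a > UINT64_MAX - b) ? UINT64_MAX : a + b;
}

/* Expanded byte length of text. &name; resolves only against the first
 * n_known entities (assumption: declared before use, which also rules out
 * recursion); anything else is counted literally, one byte at a time. */
static uint64_t expanded_len(const char *text, const struct entity *ents,
                             const uint64_t *sizes, size_t n_known) {
    uint64_t total = 0;
    while (*text) {
        const char *semi = (*text == '&') ? strchr(text, ';') : NULL;
        size_t i = n_known, len = semi ? (size_t)(semi - text - 1) : 0;
        for (size_t k = 0; semi && k < n_known && i == n_known; k++)
            if (strlen(ents[k].name) == len &&
                strncmp(ents[k].name, text + 1, len) == 0)
                i = k;
        total = sat_add(total, i < n_known ? sizes[i] : 1);
        text = (i < n_known) ? semi + 1 : text + 1;
    }
    return total;
}

/* Returns 1 if body expands to at most budget bytes; *out_size gets the size. */
int expansion_within_budget(const struct entity *ents, size_t n,
                            const char *body, uint64_t budget,
                            uint64_t *out_size) {
    uint64_t sizes[64];
    if (n > 64) return 0;   /* refuse oversized tables; *out_size untouched */
    for (size_t i = 0; i < n; i++)
        sizes[i] = expanded_len(ents[i].value, ents, sizes, i);
    *out_size = expanded_len(body, ents, sizes, n);
    return *out_size <= budget;
}
```

With the constructed sample, a 10-byte body such as `<r>&c;</r>` expands to 1007 bytes; each further level of nesting multiplies that by ten, which is why the budget check runs on computed sizes and not on expanded text.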