CVE-2026-4224 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow…
Medium CVSS: 6.0

CVE-2026-4224

When an Expat parser with a registered ElementDeclHandler parses an inline
document type definition containing a deeply nested content model a C stack
overflow occurs.
Vendor
-
Product
-
CWE
CWE-674
Yayın Tarihi
2026-03-16 18:16:10
Güncelleme
2026-03-17 14:20:01
Source Identifier
cna@python.org
KEV Date Added
-

Kategoriler

CWE-674 MEDIUM 2026

Referanslar

https://github.com/python/cpython/commit/196edfb06a7458377d4d0f4b3cd41724c1f3bd4a https://github.com/python/cpython/commit/e0a8a6da90597a924b300debe045cdb4628ee1f3 https://github.com/python/cpython/commit/eb0e8be3a7e11b87d198a2c3af1ed0eccf532768 https://github.com/python/cpython/issues/145986 https://github.com/python/cpython/pull/145987 https://mail.python.org/archives/list/security-announce@python.org/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/ http://www.openwall.com/lists/oss-security/2026/03/16/4