In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
{ "vanir_signatures": [ { "digest": { "length": 670.0, "function_hash": "10718674393994758979083102855553023681" }, "source": "https://github.com/libexpat/libexpat/commit/d3b78b42a2dcdea98e22625cfff67a49d47e6025", "signature_type": "Function", "target": { "function": "START_TEST", "file": "expat/tests/runtests.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2018-20843-74406d59" }, { "digest": { "line_hashes": [ "70970158302216444732948686873374648009", "197734145770944038326200234670765972062", "333002349092091346504095730741649465004", "132190683235044997527211951942674695301" ], "threshold": 0.9 }, "source": "https://github.com/libexpat/libexpat/commit/d3b78b42a2dcdea98e22625cfff67a49d47e6025", "signature_type": "Line", "target": { "file": "expat/tests/runtests.c" }, "deprecated": false, "signature_version": "v1", "id": "CVE-2018-20843-ee80e572" } ] }