parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
[
{
"signature_type": "Function",
"id": "CVE-2017-16932-9cbca2ab",
"target": {
"function": "xmlParsePEReference",
"file": "parser.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/gnome/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961",
"digest": {
"function_hash": "263533509511102104235081577632389259355",
"length": 2454.0
}
},
{
"signature_type": "Line",
"id": "CVE-2017-16932-e0a3eeb7",
"target": {
"file": "parser.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/gnome/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961",
"digest": {
"threshold": 0.9,
"line_hashes": [
"186704993177497787007216624245161189268",
"61887352944731181480908449453111822945",
"288697147033437574492365536319946785001",
"73569477283897760839656389358267708967",
"16074065816719882507162385407707740966",
"88277214420597322284876703854297315924",
"162058633466512608046860326001427730352",
"105376604606758256401038091119682635446",
"207385044510654370808036289575942698003"
]
}
},
{
"signature_type": "Function",
"id": "CVE-2017-16932-e1d74ed7",
"target": {
"function": "xmlPushInput",
"file": "parser.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://github.com/gnome/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961",
"digest": {
"function_hash": "290735962556030912234166756522954887424",
"length": 530.0
}
}
]