The libxml2 library, used by IBM Streams may have security vulnerabilities. IBM Streams has addressed the applicable CVE.
CVE-ID: CVE-2015-8806
Description: Libxml2 is vulnerable to a denial of service, caused by a heap-buffer overread in dict.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base Score: 4.300
CVSS Temporal Score: <https://exchange.xforce.ibmcloud.com/vulnerabilities/110613> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
The following versions may be impacted:
NOTE: Fix Packs are available on IBM Fix Central.
To remediate/fix this issue, follow the instructions below:
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm streams | eq | 3.0 | |
ibm streams | eq | 3.1 | |
ibm streams | eq | 3.2 | |
ibm streams | eq | 3.2.1 | |
ibm streams | eq | 4.0 | |
ibm streams | eq | 4.0.1 | |
ibm streams | eq | 4.1 | |
ibm streams | eq | 4.1.1 | |
ibm streams | eq | 4.2 | |
ibm streams | eq | 4.2.1 |