The Open Source libxml2 library is shipped with InfoSphere Streams. A denial of service vulnerability has been discovered in libxml2.
CVE-ID: CVE-2014-0191 **
Description**: Libxml2 is vulnerable to a denial of service attack. A remote attacker could exploit this vulnerability using a specially-crafted XML document containing malicious attributes to consume all available CPU resources. **
CVSS Base Score**: 5**
CVSS Temporal Score**: See https://exchange.xforce.ibmcloud.com/vulnerabilities/93092 for more information**
CVSS Environmental Score*******: Undefined**
CVSS Vector**: (AV:N/AC:L/Au:N/C:N/I:N/A:P)
All editions of the following versions of InfoSphere Streams
* 3.0.0.3 and earlier
* 3.1.0.3 and earlier
* 3.2.1.1 and earlier
The recommended solution is to apply the fix as soon as practical. Please see below for information on the fixes available on Fix Central.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm streams | eq | 3.0 | |
ibm streams | eq | 3.1 | |
ibm streams | eq | 3.2 | |
ibm streams | eq | 3.2.1 |