CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS
Percentile
27.8%
The updated packages fix a security vulnerability: Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. (CVE-2023-39615).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 8 | noarch | libxml2 | < 2.9.10-7.8 | libxml2-2.9.10-7.8.mga8 |
Mageia | 9 | noarch | libxml2 | < 2.10.4-1.1 | libxml2-2.10.4-1.1.mga9 |