Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:USN-4784-1
HistoryMar 15, 2021 - 9:00 p.m.

xerces-c vulnerabilities

2021-03-1521:00:57
Google
osv.dev
3

7.1 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.6%

JSON

It was discovered that Xerces-C++ XML Parser mishandles certain kinds of
external DTD references, resulting in a user-after-free. An attacker could
use this vulnerability to cause a denial of service (crash) or possibly
execute arbitrary code. This issue affected only Ubuntu 16.04 ESM.
(CVE-2016-2099)

It was discovered that Xerces-C++ XML Parser fails to successfully parse a
DTD that is too deeply nested. An unauthenticated attacker could use this
vulnerability to cause a denial of service. This issue affected only Ubuntu
16.04 ESM. (CVE-2016-4463)

It was discovered that Xerces-C++ mishandles certain kinds of external DTD
references, resulting in dereference of a NULL pointer. An attacker could
use this vulnerability to cause a denial of service. (CVE-2017-12627)

Related

nessus 46
openvas 32
ubuntu 1
fedora 9
freebsd 1
redhatcve 3
suse 1
mageia 3
nvd 3
debian 7
cve 3
ubuntucve 3
debiancve 3
prion 3
osv 3
archlinux 3
cvelist 3
f5 4
centos 1
amazon 1
ibm 15
oraclelinux 1
redhat 3
gentoo 1
photon 4
oracle 2
nessus
nessus
Ubuntu 16.04 ESM / 18.04 ESM : Xerces-C++ vulnerabilities (USN-4784-1)
2023-10-16 00:00:00
SUSE SLED12 / SLES12 Security Update : xerces-c (SUSE-SU-2016:2154-1)
2016-09-02 00:00:00
Fedora 22 : xerces-c (2016-84373c5f4f)
2016-07-15 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4784-1)
2023-01-27 00:00:00
Fedora Update for xerces-c FEDORA-2016-d2d6890690
2016-07-10 00:00:00
Fedora Update for xerces-c27 FEDORA-2018-51ce232320
2019-05-07 00:00:00
ubuntu
ubuntu
Xerces-C++ vulnerabilities
2021-03-15 00:00:00
fedora
fedora
[SECURITY] Fedora 29 Update: xerces-c27-2.7.0-28.fc29
2019-02-13 02:48:11
[SECURITY] Fedora 23 Update: xerces-c-3.1.4-1.fc23
2016-07-06 05:56:02
[SECURITY] Fedora 22 Update: xerces-c-3.1.4-1.fc22
2016-07-06 05:52:27
freebsd
freebsd
xercesi-c3 -- multiple vulnerabilities
2016-05-09 00:00:00
redhatcve
redhatcve
CVE-2017-12627
2018-03-05 11:18:51
CVE-2016-2099
2016-05-10 10:48:36
CVE-2016-4463
2016-06-30 08:19:16
suse
suse
Security update for xerces-c (low)
2019-04-26 00:00:00
mageia
mageia
Updated xerces-c packages fix CVE-2017-12627
2018-03-06 10:55:33
Updated xerces-c packages fix security vulnerability
2018-03-19 15:13:14
Updated xerces-c packages fix security vulnerability
2016-05-20 14:38:30
nvd
nvd
CVE-2017-12627
2018-03-01 14:29:00
CVE-2016-4463
2016-07-08 19:59:01
CVE-2016-2099
2016-05-13 14:59:06
debian
debian
[SECURITY] [DLA 1328-1] xerces-c security update
2018-03-29 21:49:55
[SECURITY] [DSA 3610-1] xerces-c security update
2016-06-29 20:19:01
[SECURITY] [DSA 3579-1] xerces-c security update
2016-05-16 07:01:24
cve
cve
CVE-2017-12627
2018-03-01 14:29:00
CVE-2016-4463
2016-07-08 19:59:01
CVE-2016-2099
2016-05-13 14:59:06
ubuntucve
ubuntucve
CVE-2017-12627
2018-03-01 00:00:00
CVE-2016-4463
2016-07-08 00:00:00
CVE-2016-2099
2016-05-13 00:00:00
debiancve
debiancve
CVE-2017-12627
2018-03-01 14:29:00
CVE-2016-4463
2016-07-08 19:59:01
CVE-2016-2099
2016-05-13 14:59:06
prion
prion
Null pointer dereference
2018-03-01 14:29:00
Design/Logic Flaw
2016-05-13 14:59:00
Stack overflow
2016-07-08 19:59:00
osv
osv
xerces-c - security update
2018-03-29 00:00:00
xerces-c - security update
2016-06-29 00:00:00
xerces-c - security update
2016-05-12 00:00:00
archlinux
archlinux
[ASA-201803-23] xerces-c: arbitrary code execution
2018-03-25 00:00:00
xerces-c: arbitrary code execution
2016-06-25 00:00:00
xerces-c: denial of service
2016-07-05 00:00:00
cvelist
cvelist
CVE-2017-12627
2018-02-28 00:00:00
CVE-2016-2099
2016-05-13 14:00:00
CVE-2016-4463
2016-07-08 19:00:00
f5
f5
K04253390 : Apache Xerces vulnerability CVE-2016-2099
2016-07-18 00:00:00
SOL70191975 - Apache Xerces vulnerability CVE-2016-4463
2016-09-15 00:00:00
SOL04253390 - Apache Xerces vulnerability CVE-2016-2099
2016-07-18 00:00:00
centos
centos
xerces security update
2018-11-15 18:53:50
amazon
amazon
Medium: xerces-c
2018-12-06 20:30:00
ibm
ibm
Security Bulletin: A vulnerability in the Apache Xerces-C XML Parser library affects IBM Performance Management products (CVE-2016-4463)
2018-06-17 15:36:12
Security Bulletin: A vulnerability in Apache Xerces-C XML Parser library affects IBM Tivoli Composite Application Manager for Transactions (CVE-2016-4463)
2018-06-17 15:32:58
Security Bulletin: IBM Streams is affected by Open Source Apache Xerces-C XML parser Vulnerabilities (CVE-2016-4463)
2018-06-16 13:43:12
oraclelinux
oraclelinux
xerces-c security update
2018-11-05 00:00:00
redhat
redhat
(RHSA-2018:3514) Moderate: xerces-c security update
2018-11-06 15:43:00
(RHSA-2018:3506) Moderate: xerces-c security update
2018-11-06 14:46:34
(RHSA-2018:3335) Moderate: xerces-c security update
2018-10-30 04:44:38
gentoo
gentoo
Xerces-C++: Multiple vulnerabilities
2016-12-24 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0126
2018-04-24 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0037
2018-04-23 00:00:00
Critical Photon OS Security Update - PHSA-2018-0126
2018-04-24 00:00:00
oracle
oracle
CPU July 2018
2018-07-17 00:00:00
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00

7.1 High

AI Score

Confidence

High

0.028 Low

EPSS

Percentile

90.6%

JSON
Related for OSV:USN-4784-1
nessus46openvas32ubuntu1fedora9freebsd1redhatcve3suse1mageia3nvd3debian7cve3ubuntucve3debiancve3prion3osv3archlinux3cvelist3f54centos1amazon1ibm15oraclelinux1redhat3gentoo1photon4oracle2