Lucene search
Veracode Vulnerability DatabaseVERACODE:22902HistoryApr 01, 2020 - 12:39 a.m.
Denial Of Service (DoS)
2020-04-0100:39:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
0.007 Low
EPSS
Percentile
80.7%
libxml2 is vulnerable to denial of service (DoS). The vulnerability exists through an infinite loop caused by incorrect error detection during LZMA decompression.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libxml2 | eq | 2.9.1__5.ael7b_1.2 | |
| libxml2:buster | eq | 2.9.4+dfsg1-7+b3 | |
| libxml2:stretch | eq | 2.9.4+dfsg1-2.2+deb9u2 |
References
www.securityfocus.com/bid/105198
access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access.redhat.com/errata/RHSA-2020:1190
access.redhat.com/security/updates/classification/#moderate
gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
lists.debian.org/debian-lts-announce/2018/09/msg00035.html
lists.debian.org/debian-lts-announce/2020/09/msg00009.html
usn.ubuntu.com/3739-1/
Related
rubygems
rubygems
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
2018-10-03 21:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2018:3080-1)
2019-01-02 00:00:00
openSUSE Security Update : libxml2 (openSUSE-2018-1150)
2018-10-15 00:00:00
openSUSE Security Update : libxml2 (openSUSE-2019-785)
2019-03-27 00:00:00
nvd
nvd
CVE-2018-14567
2018-08-16 20:29:02
openvas
openvas
openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3110-1)
2018-10-26 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:3080-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2019-0047)
2022-01-28 00:00:00
prion
prion
Design/Logic Flaw
2018-08-16 20:29:00
debiancve
debiancve
CVE-2018-14567
2018-08-16 20:29:02
cve
cve
CVE-2018-14567
2018-08-16 20:29:02
mageia
mageia
Updated libxml2 packages fix security vulnerabilities
2019-01-23 18:50:09
suse
suse
Security update for libxml2 (moderate)
2018-10-12 12:12:16
Security update for libxml2 (moderate)
2018-10-12 12:10:07
redhatcve
redhatcve
CVE-2018-14567
2018-08-22 02:19:05
osv
osv
libxml2 - security update
2018-09-27 00:00:00
libxml2 - security update
2020-09-09 00:00:00
CVE-2018-14567
2018-08-16 20:29:02
cvelist
cvelist
CVE-2018-14567
2018-08-16 20:00:00
ubuntucve
ubuntucve
CVE-2018-14567
2018-07-31 00:00:00
alpinelinux
alpinelinux
CVE-2018-14567
2018-08-16 20:29:02
ibm
ibm
debian
debian
[SECURITY] [DLA 1524-1] libxml2 security update
2018-09-27 20:04:03
[SECURITY] [DLA 2369-1] libxml2 security update
2020-09-09 22:41:50
cloudfoundry
cloudfoundry
USN-3739-1: libxml2 vulnerabilities | Cloud Foundry
2018-09-11 00:00:00
veracode
veracode
Copy-Paste Vulnerability (CPV) Through Libxml2
2018-10-16 03:04:15
ubuntu
ubuntu
libxml2 vulnerabilities
2018-08-14 00:00:00
centos
centos
libxml2 security update
2020-04-08 18:42:56
redhat
redhat
(RHSA-2020:1190) Moderate: libxml2 security update
2020-03-31 09:30:25
f5
f5
oraclelinux
oraclelinux
libxml2 security update
2020-04-06 00:00:00
amazon
amazon
Important: libxml2
2020-08-10 22:59:00
Important: libxml2
2020-07-21 16:34:00
altlinux
altlinux
kitploit
kitploit
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00