Lucene search
Veracode Vulnerability DatabaseVERACODE:5482HistoryNov 23, 2017 - 11:43 p.m.
Copy-paste Vulnerability Through LibXML2
2017-11-2323:43:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
EPSS
0.011
Percentile
84.5%
Nokogiri and chef are vulnerable to attacks through a copied version of LibXML2 within the codebase. LibXML2 before 2.9.5 is vulnerable to the following CVEs: 1) CVE-2017-16931 - LibXML2 incorrectly handles parameter-entity references in parser.c. 2) CVE-2017-16932 - LibXML2 can enter an infinite loop through parameter entities in parser.c.
Related
debian
debian
[SECURITY] [DLA 1194-1] libxml2 security update
2017-11-30 14:05:13
[SECURITY] [DLA 2972-1] libxml2 security update
2022-04-08 21:17:02
ibm
ibm
nessus
nessus
Debian DLA-1194-1 : libxml2 security update
2017-12-01 00:00:00
EulerOS 2.0 SP1 : libxml2 (EulerOS-SA-2018-1088)
2018-05-02 00:00:00
EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2018-1156)
2018-06-28 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1194-1)
2023-03-08 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1258)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1257)
2020-01-23 00:00:00
osv
osv
libxml2 - security update
2017-11-30 00:00:00
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
2022-05-13 01:02:39
libxml2 - security update
2022-04-08 00:00:00
prion
prion
Code injection
2017-11-23 21:29:00
Design/Logic Flaw
2017-11-23 21:29:00
nvd
nvd
CVE-2017-16931
2017-11-23 21:29:00
CVE-2017-16932
2017-11-23 21:29:00
cve
cve
CVE-2017-16931
2017-11-23 21:29:00
CVE-2017-16932
2017-11-23 21:29:00
redhatcve
redhatcve
CVE-2017-16931
2017-11-24 15:49:50
CVE-2017-16932
2017-11-24 15:50:03
ubuntucve
ubuntucve
CVE-2017-16932
2017-11-23 00:00:00
CVE-2017-16931
2017-11-23 00:00:00
cloudfoundry
cloudfoundry
USN-3504-1: libxml2 vulnerability | Cloud Foundry
2017-12-14 00:00:00
USN-3739-1: libxml2 vulnerabilities | Cloud Foundry
2018-09-11 00:00:00
cvelist
cvelist
CVE-2017-16932
2017-11-23 21:00:00
CVE-2017-16931
2017-11-23 21:00:00
veracode
veracode
Arbitrary Code Execution
2020-05-10 23:23:44
Denial Of Service (DoS)
2022-04-13 21:57:25
Copy-Paste Vulnerability (CPV) Through Libxml2
2018-10-16 03:04:15
ubuntu
ubuntu
libxml2 vulnerability
2017-12-05 00:00:00
libxml2 vulnerability
2017-12-05 00:00:00
libxml2 vulnerabilities
2018-08-14 00:00:00
rubygems
rubygems
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
2018-01-28 21:00:00
alpinelinux
alpinelinux
CVE-2017-16932
2017-11-23 21:29:00
CVE-2017-16931
2017-11-23 21:29:00
debiancve
debiancve
CVE-2017-16932
2017-11-23 21:29:00
CVE-2017-16931
2017-11-23 21:29:00
github
github
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
2022-05-13 01:02:39
amazon
amazon
Medium: libxml2
2019-09-30 22:47:00
Medium: libxml2
2023-04-27 16:19:00
mageia
mageia
Updated libxml2 packages fix security vulnerability
2018-01-03 18:50:51
Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities
2018-01-03 18:50:51
freebsd
freebsd
clamav -- multiple vulnerabilities
2018-07-09 00:00:00
hackerone
hackerone
Internet Bug Bounty: Multiple issues in Libxml2 (2.9.2 - 2.9.5)
2017-11-27 06:37:31
rosalinux
rosalinux
Advisory ROSA-SA-2021-1905
2021-07-02 17:25:35
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2021
2021-07-20 00:00:00