Описание
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libxml2 | fixed | 2.9.2+really2.9.1+dfsg1-0.1 | package |
Примечания
Added workaround item to reflect entry fixed status, remove once CVE assigned
CVE Request: https://www.openwall.com/lists/oss-security/2015/04/19/4
https://bugzilla.gnome.org/show_bug.cgi?id=746048
https://gitlab.gnome.org/GNOME/libxml2/-/commit/e724879d964d774df9b7969fc846605aa1bac54c
EPSS
Связанные уязвимости
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.
EPSS