Описание
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| chromium-browser | fixed | 52.0.2743.82-1 | package | |
| chromium-browser | end-of-life | wheezy | package | |
| libxml2 | fixed | 2.9.4+dfsg1-2.1 | package |
Примечания
Google fix: https://codereview.chromium.org/2127493002
Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/9ab01a277d71f54d3143c2cf333c5c2e9aaedd9e
Requisite for the test: https://gitlab.gnome.org/GNOME/libxml2/-/commit/a005199330b86dada19d162cae15ef9bdcb6baa8
EPSS
Связанные уязвимости
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
EPSS