Описание
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libxml2 | fixed | 2.9.4+dfsg1-3.1 | package |
Примечания
https://bugzilla.gnome.org/show_bug.cgi?id=781361 (not public)
https://www.openwall.com/lists/oss-security/2017/05/15/1
Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/e26630548e7d138d2c560844c43820b6767251e3
EPSS
Связанные уязвимости
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
Уязвимость функции xmlDictAddString (dict.c) библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
EPSS