Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9fj4-8443-vg2m

Опубликовано: 29 авг. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.

Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.

EPSS

Процентиль: 27%
0.00093
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-119

Связанные уязвимости

CVSS3: 6.5
ubuntu
почти 2 года назад

Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.

CVSS3: 6.5
redhat
почти 2 года назад

Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.

CVSS3: 6.5
nvd
почти 2 года назад

Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.

CVSS3: 6.5
debian
почти 2 года назад

Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds rea ...

suse-cvrf
почти 2 года назад

Security update for libxml2

EPSS

Процентиль: 27%
0.00093
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-119