Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-15412

Опубликовано: 28 авг. 2018
Источник: ubuntu
Приоритет: medium
CVSS2: 6.8
CVSS3: 8.8

Описание

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

РелизСтатусПримечание
artful

released

63.0.3239.84-0ubuntu0.17.10.1
bionic

released

63.0.3239.84-0ubuntu1
cosmic

released

63.0.3239.84-0ubuntu1
devel

released

63.0.3239.84-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [63.0.3239.84-0ubuntu0.14.04.1]]
precise/esm

DNE

trusty

released

63.0.3239.84-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [63.0.3239.84-0ubuntu0.14.04.1]
upstream

released

63.0.3239.84
xenial

released

63.0.3239.84-0ubuntu0.16.04.1

Показывать по

РелизСтатусПримечание
artful

released

2.9.4+dfsg1-4ubuntu1.2
bionic

released

2.9.4+dfsg1-6.1ubuntu1
cosmic

released

2.9.4+dfsg1-6.1ubuntu1
devel

released

2.9.4+dfsg1-6.1ubuntu1
esm-infra-legacy/trusty

released

2.9.1+dfsg1-3ubuntu4.12
esm-infra/bionic

released

2.9.4+dfsg1-6.1ubuntu1
esm-infra/xenial

released

2.9.3+dfsg1-1ubuntu0.5
precise/esm

not-affected

2.7.8.dfsg-5.1ubuntu4.20
trusty

released

2.9.1+dfsg1-3ubuntu4.12
trusty/esm

released

2.9.1+dfsg1-3ubuntu4.12

Показывать по

РелизСтатусПримечание
artful

ignored

end of life
bionic

DNE

cosmic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [Ubuntu touch end-of-life]]
esm-infra/xenial

ignored

Ubuntu touch end-of-life
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [Ubuntu touch end-of-life]
upstream

needs-triage

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-15412

CVSS3: 8.8
redhat
около 8 лет назад

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

nvd логотип

CVE-2017-15412

CVSS3: 8.8
nvd
больше 7 лет назад

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

debian логотип

CVE-2017-15412

CVSS3: 8.8
debian
больше 7 лет назад

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior ...

github логотип

GHSA-r58r-74gx-6wx3

CVSS3: 8.8
github
больше 3 лет назад

Nokogiri gem, via libxml, is affected by DoS vulnerabilities

suse-cvrf логотип

openSUSE-SU-2018:0418-1

suse-cvrf
почти 8 лет назад

Security update for libxml2

6.8 Medium

CVSS2

8.8 High

CVSS3