Описание
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | |
| devel | released | 2.9.4+dfsg1-6.1ubuntu1 |
| esm-infra-legacy/trusty | ignored | |
| esm-infra/xenial | ignored | |
| precise | ignored | end of life |
| precise/esm | ignored | |
| trusty | ignored | |
| trusty/esm | ignored | |
| upstream | released | 2.9.4+dfsg1-5.1, 2.9.5 |
| vivid/stable-phone-overlay | ignored | end of life |
Показывать по
2.6 Low
CVSS2
4.7 Medium
CVSS3
Связанные уязвимости
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
libxml2 2.9.4, when used in recover mode, allows remote attackers to c ...
** DISPUTED ** libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser."
Уязвимость библиотеки Libxml2, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании
2.6 Low
CVSS2
4.7 Medium
CVSS3