Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-9251

Опубликовано: 04 апр. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.6
CVSS3: 5.3

Описание

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

РелизСтатусПримечание
artful

not-affected

devel

not-affected

esm-infra-legacy/trusty

not-affected

esm-infra/xenial

not-affected

precise/esm

not-affected

trusty

not-affected

trusty/esm

not-affected

upstream

released

2.9.9
xenial

not-affected

Показывать по

Ссылки на источники

EPSS

Процентиль: 77%
0.01046
Низкий

2.6 Low

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-9251

CVSS3: 3.5
redhat
почти 8 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

nvd логотип

CVE-2018-9251

CVSS3: 5.3
nvd
почти 8 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

debian логотип

CVE-2018-9251

CVSS3: 5.3
debian
почти 8 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ...

github логотип

GHSA-qvh5-3xv2-rf6p

CVSS3: 5.3
github
больше 3 лет назад

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

fstec логотип

BDU:2019-00734

CVSS3: 5.3
fstec
почти 8 лет назад

Уязвимость функции xz_decomp библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 77%
0.01046
Низкий

2.6 Low

CVSS2

5.3 Medium

CVSS3