CVE-2020-24977

Опубликовано: 04 сент. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 6.4

CVSS3: 6.5

Описание

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

Релиз	Статус	Примечание
bionic	released	2.9.4+dfsg1-6.1ubuntu1.4
devel	not-affected	2.9.10+dfsg-6.3build2
esm-infra-legacy/trusty	released	2.9.1+dfsg1-3ubuntu4.13+esm2
esm-infra/bionic	released	2.9.4+dfsg1-6.1ubuntu1.4
esm-infra/focal	released	2.9.10+dfsg-5ubuntu0.20.04.1
esm-infra/xenial	released	2.9.3+dfsg1-1ubuntu0.7+esm1
focal	released	2.9.10+dfsg-5ubuntu0.20.04.1
groovy	released	2.9.10+dfsg-5ubuntu0.20.10.2
hirsute	not-affected	2.9.10+dfsg-6.3build2
impish	not-affected	2.9.10+dfsg-6.3build2

Показывать по

Ссылки на источники

EPSS

Процентиль: 65%

0.00502

Низкий

6.4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2020-24977

CVSS3: 6.5

redhat

больше 5 лет назад

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

CVE-2020-24977

CVSS3: 6.5

nvd

больше 5 лет назад

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

CVE-2020-24977

CVSS3: 6.5

msrc

больше 5 лет назад

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

CVE-2020-24977

CVSS3: 6.5

debian

больше 5 лет назад

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerabil ...

openSUSE-SU-2020:1465-1

suse-cvrf

больше 5 лет назад

Security update for libxml2

EPSS

Процентиль: 65%

0.00502

Низкий

6.4 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2020-24977

Описание

Пакет libxml2

Ссылки на источники

Связанные уязвимости