Количество 21
Количество 21
ELSA-2020-1827
ELSA-2020-1827: libxml2 security update (MODERATE)
openSUSE-SU-2018:3110-1
Security update for libxml2
SUSE-SU-2018:3080-1
Security update for libxml2
openSUSE-SU-2018:3107-1
Security update for libxml2
SUSE-SU-2018:3081-1
Security update for libxml2
CVE-2018-9251
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
CVE-2018-9251
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
CVE-2018-9251
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
CVE-2018-9251
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ...
CVE-2018-14404
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
CVE-2018-14404
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
CVE-2018-14404
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
CVE-2018-14404
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPat ...
GHSA-qvh5-3xv2-rf6p
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
BDU:2019-00734
Уязвимость функции xz_decomp библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании
GHSA-6qvp-r6r3-9p7h
Nokogiri NULL Pointer Dereference
BDU:2019-00518
Уязвимость функции xpath.c:xmlXPathCompOpEval() библиотеки libxml2, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2019:13985-1
Security update for libxml2
openSUSE-SU-2019:0185-1
Security update for rmt-server
SUSE-SU-2019:0272-1
Security update for rmt-server
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| ELSA-2020-1827 ELSA-2020-1827: libxml2 security update (MODERATE) | почти 6 лет назад | ||
 | openSUSE-SU-2018:3110-1 Security update for libxml2 | больше 7 лет назад | ||
| SUSE-SU-2018:3080-1 Security update for libxml2 | больше 7 лет назад | ||
| openSUSE-SU-2018:3107-1 Security update for libxml2 | больше 7 лет назад | ||
| SUSE-SU-2018:3081-1 Security update for libxml2 | больше 7 лет назад | ||
 | CVE-2018-9251 The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | CVSS3: 5.3 | 1% Низкий | почти 8 лет назад |
 | CVE-2018-9251 The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | CVSS3: 3.5 | 1% Низкий | почти 8 лет назад |
 | CVE-2018-9251 The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | CVSS3: 5.3 | 1% Низкий | почти 8 лет назад |
| CVE-2018-9251 The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is ... | CVSS3: 5.3 | 1% Низкий | почти 8 лет назад |
| CVE-2018-14404 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. | CVSS3: 6.5 | 20% Средний | больше 7 лет назад |
| CVE-2018-14404 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. | CVSS3: 6.5 | 20% Средний | больше 7 лет назад |
| CVE-2018-14404 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. | CVSS3: 6.5 | 20% Средний | больше 7 лет назад |
| CVE-2018-14404 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPat ... | CVSS3: 6.5 | 20% Средний | больше 7 лет назад |
| GHSA-qvh5-3xv2-rf6p The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. | CVSS3: 5.3 | 1% Низкий | больше 3 лет назад |
 | BDU:2019-00734 Уязвимость функции xz_decomp библиотеки libxml2, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 5.3 | 1% Низкий | почти 8 лет назад |
| GHSA-6qvp-r6r3-9p7h Nokogiri NULL Pointer Dereference | CVSS3: 7.5 | 20% Средний | около 7 лет назад |
| BDU:2019-00518 Уязвимость функции xpath.c:xmlXPathCompOpEval() библиотеки libxml2, связанная с ошибками разыменования указателя, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 4.3 | 20% Средний | больше 7 лет назад |
| SUSE-SU-2019:13985-1 Security update for libxml2 | почти 7 лет назад | ||
| openSUSE-SU-2019:0185-1 Security update for rmt-server | почти 7 лет назад | ||
| SUSE-SU-2019:0272-1 Security update for rmt-server | около 7 лет назад |
Уязвимостей на страницу