Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
alpinelinuxAlpine Linux Development TeamALPINE:CVE-2018-9251
HistoryApr 04, 2018 - 2:29 a.m.

CVE-2018-9251

2018-04-0402:29:00
Alpine Linux Development Team
security.alpinelinux.org
15

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.2%

JSON

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

Related

cve 3
prion 3
redhatcve 2
ubuntucve 4
debiancve 3
nessus 48
alpinelinux 1
ibm 10
openvas 27
veracode 2
mageia 2
archlinux 3
amazon 2
f5 1
oraclelinux 2
fedora 6
redhat 4
suse 3
ubuntu 1
debian 3
rubygems 1
centos 1
altlinux 2
freebsd 1
osv 35
photon 2
gentoo 1
apple 8
kitploit 1
tenable 1
ics 1
cve
cve
CVE-2018-9251
2018-04-04 02:29:00
CVE-2018-14567
2018-08-16 20:29:00
CVE-2015-8035
2015-11-18 16:59:00
prion
prion
Design/Logic Flaw
2018-04-04 02:29:00
Design/Logic Flaw
2018-08-16 20:29:00
Design/Logic Flaw
2015-11-18 16:59:00
redhatcve
redhatcve
CVE-2018-9251
2018-04-09 20:20:56
CVE-2018-14567
2018-08-22 02:19:05
ubuntucve
ubuntucve
CVE-2018-9251
2018-04-04 00:00:00
CVE-2018-14567
2018-07-31 00:00:00
CVE-2015-8035
2015-11-02 00:00:00
debiancve
debiancve
CVE-2018-9251
2018-04-04 02:29:00
CVE-2018-14567
2018-08-16 20:29:00
CVE-2015-8035
2015-11-18 16:59:00
nessus
nessus
Oracle Linux 8 : libxml2 (ELSA-2020-1827)
2023-09-07 00:00:00
Tenable Log Correlation Engine (LCE) < 4.8.0 Libxml2 DoS
2016-04-25 00:00:00
Photon OS 3.0: Libxml2 PHSA-2019-3.0-0024
2019-08-26 00:00:00
alpinelinux
alpinelinux
CVE-2018-14567
2018-08-16 20:29:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in libxml2 affects IBM Watson Studio Local
2019-12-18 18:01:21
Security Bulletin: IBM MQ Appliance is affected by multiple libxml2 vulnerabilities
2020-07-27 09:24:37
Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)
2018-06-15 23:15:11
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0433)
2015-11-08 00:00:00
Fedora Update for libxml2 FEDORA-2018-3b782350ff
2018-08-07 00:00:00
Fedora Update for libxml2 FEDORA-2018-e198cf4a64
2018-08-10 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-08-01 07:49:45
Denial Of Service (DoS)
2020-04-29 02:42:19
mageia
mageia
Updated libxml2 packages fix security vulnerability
2015-11-06 01:46:03
Updated libxml2 packages fix security vulnerabilities
2019-01-23 18:50:09
archlinux
archlinux
[ASA-201810-3] libxml2: denial of service
2018-10-01 00:00:00
[ASA-201810-4] lib32-libxml2: denial of service
2018-10-01 00:00:00
libxml2: multiple issues
2015-12-09 00:00:00
amazon
amazon
Important: libxml2
2020-08-10 22:59:00
Important: libxml2
2020-07-21 16:34:00
f5
f5
K76678525 : libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567
2022-02-15 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2020-05-05 00:00:00
libxml2 security update
2020-04-06 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libxml2-2.9.8-4.fc28
2018-08-07 01:20:06
[SECURITY] Fedora 27 Update: libxml2-2.9.8-4.fc27
2018-08-09 16:53:03
[SECURITY] Fedora 22 Update: mingw-libxml2-2.9.3-1.fc22
2016-02-17 04:26:04
redhat
redhat
(RHSA-2020:1827) Moderate: libxml2 security update
2020-04-28 09:20:58
(RHSA-2020:1190) Moderate: libxml2 security update
2020-03-31 09:30:25
(RHSA-2020:3194) Important: Container-native Virtualization security, bug fix, and enhancement update
2020-07-28 18:02:45
suse
suse
Security update for libxml2 (moderate)
2018-10-12 12:12:16
Security update for libxml2 (moderate)
2018-10-12 12:10:07
Security update for sles12-docker-image (important)
2016-03-16 15:28:52
ubuntu
ubuntu
libxml2 vulnerabilities
2015-11-16 00:00:00
debian
debian
[SECURITY] [DLA 1524-1] libxml2 security update
2018-09-27 20:04:03
[SECURITY] [DSA 3430-1] libxml2 security update
2015-12-23 13:19:18
[SECURITY] [DSA 3430-1] libxml2 security update
2015-12-23 13:19:18
rubygems
rubygems
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
2015-04-13 21:00:00
centos
centos
libxml2 security update
2020-04-08 18:42:56
altlinux
altlinux
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.9.0.52.f824-alt1
2019-05-22 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.9.0.52.f824-alt1
2019-05-22 00:00:00
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2015-11-20 00:00:00
osv
osv
CVE-2018-9251
2018-04-04 02:29:00
CVE-2018-14567
2018-08-16 20:29:02
CVE-2016-9597
2018-07-30 14:29:02
photon
photon
Critical Photon OS Security Update - PHSA-2019-0024
2019-07-31 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0024
2019-07-29 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2017-01-16 00:00:00
apple
apple
About the security content of tvOS 9.2 - Apple Support
2017-01-23 03:54:34
About the security content of tvOS 9.2
2016-03-21 00:00:00
About the security content of watchOS 2.2
2016-03-21 00:00:00
kitploit
kitploit
Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI
2019-11-05 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

52.2%

JSON
Related for ALPINE:CVE-2018-9251
cve3prion3redhatcve2ubuntucve4debiancve3nessus48alpinelinux1ibm10openvas27veracode2mageia2archlinux3amazon2f51oraclelinux2fedora6redhat4suse3ubuntu1debian3rubygems1centos1altlinux2freebsd1osv35photon2gentoo1apple8kitploit1tenable1ics1