Lucene search
Alpine Linux Development TeamALPINE:CVE-2020-24977HistorySep 04, 2020 - 12:15 a.m.
CVE-2020-24977
2020-09-0400:15:10
Alpine Linux Development Team
security.alpinelinux.org
21
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
AI Score
7.2
Confidence
High
EPSS
0.003
Percentile
69.0%
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.10-main | noarch | libxml2 | < 2.9.9-r4 | UNKNOWN |
| Alpine | 3.11-main | noarch | libxml2 | < 2.9.10-r4 | UNKNOWN |
| Alpine | 3.12-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.13-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.14-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.15-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.16-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.17-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
| Alpine | 3.18-main | noarch | libxml2 | < 2.9.10-r5 | UNKNOWN |
Related
nessus
nessus
Photon OS 2.0: Libxml2 PHSA-2020-2.0-0285
2020-09-21 00:00:00
EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2020-2178)
2020-10-09 00:00:00
EulerOS Virtualization 3.0.6.6 : libxml2 (EulerOS-SA-2021-1495)
2021-03-04 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-libxml2-2.9.10-3.fc33
2020-09-25 17:19:43
[SECURITY] Fedora 33 Update: mingw-libxml2-2.9.10-8.fc33
2020-11-20 01:40:57
[SECURITY] Fedora 32 Update: mingw-libxml2-2.9.10-8.fc32
2020-11-20 01:28:00
prion
prion
Buffer overflow
2020-09-04 00:15:00
osv
osv
Moderate: libxml2 security update
2021-05-18 05:36:57
libxml2 vulnerabilities
2021-06-17 14:59:21
Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12
2021-05-17 20:52:05
openvas
openvas
Fedora: Security Advisory for mingw-libxml2 (FEDORA-2020-be489044df)
2020-09-26 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2021-1553)
2021-03-05 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2020-2168)
2020-10-12 00:00:00
cbl_mariner
cbl_mariner
CVE-2020-24977 affecting package libxml2 2.9.10-4
2020-11-30 19:30:45
cve
cve
CVE-2020-24977
2020-09-04 00:15:10
redhatcve
redhatcve
CVE-2020-24977
2020-09-10 13:13:57
redhat
redhat
(RHSA-2021:1597) Moderate: libxml2 security update
2021-05-18 05:36:57
(RHSA-2021:2705) Moderate: Release of OpenShift Serverless 1.16.0
2021-07-13 16:31:04
mageia
mageia
Updated libxml2 packages fix a security vulnerability
2021-01-04 17:42:30
veracode
veracode
Arbitrary Code Execution
2020-09-07 03:15:00
nvd
nvd
CVE-2020-24977
2020-09-04 00:15:10
suse
suse
Security update for libxml2 (moderate)
2020-09-19 00:00:00
Security update for libxml2 (moderate)
2020-09-15 00:00:00
debiancve
debiancve
CVE-2020-24977
2020-09-04 00:15:10
oraclelinux
oraclelinux
libxml2 security update
2021-05-25 00:00:00
almalinux
almalinux
Moderate: libxml2 security update
2021-05-18 05:36:57
cvelist
cvelist
CVE-2020-24977
2020-09-03 23:20:35
rocky
rocky
libxml2 security update
2021-05-18 05:36:57
ubuntucve
ubuntucve
CVE-2021-3517
2021-05-19 00:00:00
CVE-2020-24977
2020-09-04 00:00:00
ics
ics
Hitachi Energy RTU500 series
2021-12-02 12:00:00
Hitachi Energy APM Edge (Update A)
2022-10-18 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
amazon
amazon
Medium: libxml2
2021-06-16 20:37:00
Medium: libxml2
2023-04-27 16:19:00
archlinux
archlinux
[ASA-202011-15] libxml2: multiple issues
2020-11-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.10-alt4
2020-11-06 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.10-alt4
2020-11-09 00:00:00
freebsd
freebsd
libxml -- multiple vulnerabilities
2020-01-21 00:00:00
photon
photon
ibm
ibm
gentoo
gentoo
libxml2: Multiple vulnerabilities
2021-07-06 00:00:00
github
github
Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12
2021-05-17 20:52:05
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-3516, CVE-2021-3537, CVE-2017-8872, CVE-2021-3518, CVE-2019-20388, CVE-2020-24977, CVE-2021-3541, CVE-2021-3517
2021-12-28 13:15:15
Fix of 8 CVEs
2022-01-11 12:18:56
debian
debian
[SECURITY] [DLA 2369-1] libxml2 security update
2020-09-09 22:41:50
ubuntu
ubuntu
libxml2 vulnerabilities
2021-06-17 00:00:00
cloudfoundry
cloudfoundry
USN-4991-1: libxml2 vulnerabilities | Cloud Foundry
2021-07-08 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1905
2021-07-02 17:25:35
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - October 2021
2021-10-19 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
AI Score
7.2
Confidence
High
EPSS
0.003
Percentile
69.0%
Related for ALPINE:CVE-2020-24977