Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2018-14567
HistoryAug 16, 2018 - 8:29 p.m.

CVE-2018-14567

2018-08-1620:29:00
CWE-835
[email protected]
web.nvd.nist.gov
165
cve-2018-14567
libxml2
remote attackers
denial of service
infinite loop
lzma
xml
nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

80.4%

JSON

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

Related

alpinelinux 2
redhatcve 2
ubuntucve 4
prion 3
debiancve 3
ibm 11
suse 3
veracode 4
nessus 49
openvas 22
mageia 2
debian 4
amazon 2
f5 1
cve 2
rubygems 2
centos 1
redhat 4
osv 37
oraclelinux 2
altlinux 2
cloudfoundry 1
ubuntu 2
archlinux 3
fedora 6
freebsd 1
kitploit 1
photon 2
gentoo 1
apple 8
tenable 1
ics 1
alpinelinux
alpinelinux
CVE-2018-14567
2018-08-16 20:29:00
CVE-2018-9251
2018-04-04 02:29:00
redhatcve
redhatcve
CVE-2018-14567
2018-08-22 02:19:05
CVE-2018-9251
2018-04-09 20:20:56
ubuntucve
ubuntucve
CVE-2018-14567
2018-07-31 00:00:00
CVE-2018-9251
2018-04-04 00:00:00
CVE-2015-8035
2015-11-02 00:00:00
prion
prion
Design/Logic Flaw
2018-08-16 20:29:00
Design/Logic Flaw
2018-04-04 02:29:00
Design/Logic Flaw
2015-11-18 16:59:00
debiancve
debiancve
CVE-2018-14567
2018-08-16 20:29:00
CVE-2018-9251
2018-04-04 02:29:00
CVE-2015-8035
2015-11-18 16:59:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in libxml2 affects IBM Watson Studio Local
2019-12-18 18:01:21
Security Bulletin: IBM MQ Appliance is affected by multiple libxml2 vulnerabilities
2020-07-27 09:24:37
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities
2021-04-09 03:15:36
suse
suse
Security update for libxml2 (moderate)
2018-10-12 12:12:16
Security update for libxml2 (moderate)
2018-10-12 12:10:07
Security update for sles12-docker-image (important)
2016-03-16 15:28:52
veracode
veracode
Denial Of Service (DoS)
2020-04-01 00:39:17
Copy-Paste Vulnerability (CPV) Through Libxml2
2018-10-16 03:04:15
Denial Of Service (DoS)
2018-08-01 07:49:45
nessus
nessus
SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2018:3080-1)
2019-01-02 00:00:00
openSUSE Security Update : libxml2 (openSUSE-2019-785)
2019-03-27 00:00:00
openSUSE Security Update : libxml2 (openSUSE-2018-1150)
2018-10-15 00:00:00
openvas
openvas
openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3110-1)
2018-10-26 00:00:00
Debian LTS: Security Advisory for libxml2 (DLA-1524-1)
2018-09-28 00:00:00
openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3107-1)
2018-10-13 00:00:00
mageia
mageia
Updated libxml2 packages fix security vulnerabilities
2019-01-23 18:50:09
Updated libxml2 packages fix security vulnerability
2015-11-06 01:46:03
debian
debian
[SECURITY] [DLA 1524-1] libxml2 security update
2018-09-27 20:04:03
[SECURITY] [DLA 2369-1] libxml2 security update
2020-09-09 22:41:50
[SECURITY] [DSA 3430-1] libxml2 security update
2015-12-23 13:19:18
amazon
amazon
Important: libxml2
2020-08-10 22:59:00
Important: libxml2
2020-07-21 16:34:00
f5
f5
K76678525 : libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567
2022-02-15 00:00:00
cve
cve
CVE-2018-9251
2018-04-04 02:29:00
CVE-2015-8035
2015-11-18 16:59:00
rubygems
rubygems
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
2018-10-03 21:00:00
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
2015-04-13 21:00:00
centos
centos
libxml2 security update
2020-04-08 18:42:56
redhat
redhat
(RHSA-2020:1190) Moderate: libxml2 security update
2020-03-31 09:30:25
(RHSA-2020:1827) Moderate: libxml2 security update
2020-04-28 09:20:58
(RHSA-2020:3194) Important: Container-native Virtualization security, bug fix, and enhancement update
2020-07-28 18:02:45
osv
osv
libxml2 - security update
2018-09-27 00:00:00
libxml2 - security update
2020-09-09 00:00:00
CVE-2018-14567
2018-08-16 20:29:02
oraclelinux
oraclelinux
libxml2 security update
2020-04-06 00:00:00
libxml2 security update
2020-05-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.9.0.52.f824-alt1
2019-05-22 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.9.0.52.f824-alt1
2019-05-22 00:00:00
cloudfoundry
cloudfoundry
USN-3739-1: libxml2 vulnerabilities | Cloud Foundry
2018-09-11 00:00:00
ubuntu
ubuntu
libxml2 vulnerabilities
2018-08-14 00:00:00
libxml2 vulnerabilities
2015-11-16 00:00:00
archlinux
archlinux
[ASA-201810-3] libxml2: denial of service
2018-10-01 00:00:00
[ASA-201810-4] lib32-libxml2: denial of service
2018-10-01 00:00:00
libxml2: multiple issues
2015-12-09 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: libxml2-2.9.8-4.fc28
2018-08-07 01:20:06
[SECURITY] Fedora 27 Update: libxml2-2.9.8-4.fc27
2018-08-09 16:53:03
[SECURITY] Fedora 22 Update: mingw-libxml2-2.9.3-1.fc22
2016-02-17 04:26:04
freebsd
freebsd
libxml2 -- multiple vulnerabilities
2015-11-20 00:00:00
kitploit
kitploit
Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI
2019-11-05 12:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2019-0024
2019-07-31 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0024
2019-07-29 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2017-01-16 00:00:00
apple
apple
About the security content of tvOS 9.2
2016-03-21 00:00:00
About the security content of tvOS 9.2 - Apple Support
2017-01-23 03:54:34
About the security content of watchOS 2.2 - Apple Support
2017-01-23 03:54:34
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

6.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

80.4%

JSON
Related for CVE-2018-14567
alpinelinux2redhatcve2ubuntucve4prion3debiancve3ibm11suse3veracode4nessus49openvas22mageia2debian4amazon2f51cve2rubygems2centos1redhat4osv37oraclelinux2altlinux2cloudfoundry1ubuntu2archlinux3fedora6freebsd1kitploit1photon2gentoo1apple8tenable1ics1