Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-4409HistoryOct 03, 2008 - 5:41 p.m.
CVE-2008-4409
2008-10-0317:41:00
Debian Security Bug Tracker
security-tracker.debian.org
10
0.034 Low
EPSS
Percentile
91.4%
libxml2 2.7.0 and 2.7.1 does not properly handle “predefined entities definitions” in entities, which allows context-dependent attackers to cause a denial of service (memory consumption and application crash), as demonstrated by use of xmllint on a certain XML document, a different vulnerability than CVE-2003-1564 and CVE-2008-3281.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libxml2 | < 2.9.14+dfsg-1.3~deb12u1 | libxml2_2.9.14+dfsg-1.3~deb12u1_all.deb |
| Debian | 11 | all | libxml2 | < 2.9.10+dfsg-6.7+deb11u4 | libxml2_2.9.10+dfsg-6.7+deb11u4_all.deb |
| Debian | 10 | all | libxml2 | < 2.9.4+dfsg1-7+deb10u4 | libxml2_2.9.4+dfsg1-7+deb10u4_all.deb |
| Debian | 999 | all | libxml2 | < 2.9.14+dfsg-1.3 | libxml2_2.9.14+dfsg-1.3_all.deb |
| Debian | 13 | all | libxml2 | < 2.9.14+dfsg-1.3 | libxml2_2.9.14+dfsg-1.3_all.deb |
Related
prion
prion
Code injection
2008-10-03 17:41:00
Code injection
2008-08-27 20:41:00
Design/Logic Flaw
2014-02-26 14:55:00
cve
cve
ubuntucve
ubuntucve
nessus
nessus
GLSA-200812-06 : libxml2: Multiple vulnerabilities
2008-12-03 00:00:00
Oracle Linux 3 / 4 / 5 : libxml2 (ELSA-2008-0836)
2013-07-12 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200812-06 (libxml2)
2008-12-03 00:00:00
RedHat Update for libxml2 RHSA-2008:0836-02
2009-03-06 00:00:00
Fedora Update for libxml2 FEDORA-2008-7395
2009-02-17 00:00:00
debiancve
debiancve
seebug
seebug
Libxml2预定义实体拒绝服务漏洞
2008-12-05 00:00:00
libxml2递归实体远程拒绝服务漏洞
2008-08-26 00:00:00
securityvulns
securityvulns
[ MDVSA-2008:212 ] libxml2
2008-10-16 00:00:00
libxml memory corruption
2008-10-16 00:00:00
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
2008-08-25 00:00:00
gentoo
gentoo
libxml2: Multiple vulnerabilities
2008-12-02 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libxml2 version 1:2.6.32-alt3
2008-09-01 00:00:00
Security fix for the ALT Linux 9 package libxml2 version 1:2.6.32-alt2
2008-08-21 00:00:00
Security fix for the ALT Linux 5 package libxml2 version 1:2.6.32-alt3
2008-09-01 00:00:00
debian
debian
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
2008-08-26 17:53:39
[SECURITY] [DSA 1631-1] New libxml2 packages fix denial of service
2008-08-22 19:46:35
ubuntu
ubuntu
libxml2 vulnerability
2008-09-03 00:00:00
libxml2 vulnerabilities
2008-09-11 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: libxml2-2.6.32-2.fc8
2008-09-10 06:44:31
[SECURITY] Fedora 9 Update: libxml2-2.6.32-3.fc9
2008-09-10 07:04:24
redhat
redhat
(RHSA-2008:0836) Moderate: libxml2 security update
2008-08-21 00:00:00
(RHSA-2008:0886) Important: libxml2 security update
2008-09-11 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2008-08-21 00:00:00
centos
centos
libxml2 security update
2008-08-23 12:03:03
libxml2 security update
2008-08-25 01:21:18
libxml2 security update
2008-09-12 01:23:56
github
github
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
freebsd
freebsd
ejabberd -- remote denial of service vulnerability
2011-04-27 00:00:00
libxml2 -- two vulnerabilities
2008-08-22 00:00:00
osv
osv
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
CVE-2017-18640
2019-12-12 03:15:10
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:53:01
redhatcve
redhatcve
CVE-2017-18640
2020-04-08 21:02:33