Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-5312HistoryDec 15, 2015 - 9:59 p.m.
CVE-2015-5312
2015-12-1521:59:00
Debian Security Bug Tracker
security-tracker.debian.org
23
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
78.6%
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libxml2 | < 2.9.3+dfsg1-1 | libxml2_2.9.3+dfsg1-1_all.deb |
| Debian | 11 | all | libxml2 | < 2.9.3+dfsg1-1 | libxml2_2.9.3+dfsg1-1_all.deb |
| Debian | 10 | all | libxml2 | < 2.9.3+dfsg1-1 | libxml2_2.9.3+dfsg1-1_all.deb |
| Debian | 999 | all | libxml2 | < 2.9.3+dfsg1-1 | libxml2_2.9.3+dfsg1-1_all.deb |
| Debian | 13 | all | libxml2 | < 2.9.3+dfsg1-1 | libxml2_2.9.3+dfsg1-1_all.deb |
Related
prion
prion
Code injection
2015-12-15 21:59:00
Privilege escalation
2014-11-04 16:55:00
osv
osv
Nokogiri subject to DoS via libxml2 vulnerability
2018-08-21 19:03:04
libxml2 - security update
2014-10-29 00:00:00
libxml2 - security update
2014-10-26 00:00:00
cve
cve
CVE-2015-5312
2015-12-15 21:59:00
CVE-2014-3660
2014-11-04 16:55:00
github
github
Nokogiri subject to DoS via libxml2 vulnerability
2018-08-21 19:03:04
ubuntucve
ubuntucve
CVE-2015-5312
2015-11-26 00:00:00
CVE-2014-3660
2014-10-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-08-08 02:02:05
Denial Of Service (DoS)
2019-01-15 09:09:08
Denial Of Service (DoS)
2018-08-13 07:27:07
nessus
nessus
Amazon Linux AMI : libxml2 (ALAS-2014-444)
2014-11-18 00:00:00
RHEL 5 : libxml2 (RHSA-2014:1885)
2014-11-21 00:00:00
F5 Networks BIG-IP : libxml2 vulnerability (SOL15872)
2014-12-05 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: libxml2-2.9.1-2.fc19
2014-11-22 12:42:36
[SECURITY] Fedora 21 Update: libxml2-2.9.1-6.fc21
2014-11-01 17:15:32
[SECURITY] Fedora 20 Update: libxml2-2.9.1-3.fc20
2014-10-18 16:58:16
f5
f5
K15872 : libxml2 vulnerability CVE-2014-3660
2015-09-16 00:00:00
SOL15872 - libxml2 vulnerability CVE-2014-3660
2014-12-04 00:00:00
K61570943 : Multiple libXML2 vulnerabilities
2016-02-15 00:00:00
debian
debian
[SECURITY] [DSA 3057-2] libxml2 regression update
2015-04-07 18:58:44
[SECURITY] [DSA 3057-2] libxml2 regression update
2015-04-07 18:59:02
[SECURITY] [DSA 3057-1] libxml2 security update
2014-10-26 21:19:41
amazon
amazon
Medium: libxml2
2014-11-11 10:26:00
Medium: libxml2
2015-12-14 10:00:00
Medium: libxml2
2019-05-29 19:14:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:1440-1)
2021-06-09 00:00:00
Debian: Security Advisory (DLA-80-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-3057-1)
2014-10-25 00:00:00
redhat
redhat
(RHSA-2014:1885) Moderate: libxml2 security update
2014-11-20 00:00:00
(RHSA-2014:1655) Moderate: libxml2 security update
2014-10-16 00:00:00
(RHSA-2015:2549) Moderate: libxml2 security update
2015-12-07 00:00:00
securityvulns
securityvulns
libxml DoS
2014-10-27 00:00:00
[ MDVSA-2014:204 ] libxml2
2014-10-27 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2014-11-20 00:00:00
libxml2 security update
2014-10-16 00:00:00
libxml2 security and bug fix update
2015-07-29 00:00:00
centos
centos
libxml2 security update
2014-10-21 15:08:38
libxml2 security update
2014-11-20 21:10:50
libxml2 security update
2015-12-07 13:26:33
ubuntu
ubuntu
libxml2 vulnerability
2014-10-27 00:00:00
libxml2 vulnerabilities
2015-12-14 00:00:00
gentoo
gentoo
libxml2: Denial of service
2014-12-10 00:00:00
freebsd
freebsd
libxml2 -- Denial of service
2014-10-16 00:00:00
libxml2 -- multiple vulnerabilities
2015-11-20 00:00:00
debiancve
debiancve
CVE-2014-3660
2014-11-04 16:55:00
mageia
mageia
Updated libxml2 packages fix security vulnerability
2014-10-23 17:27:57
Updated libxml2 packages fix security vulnerabilities
2015-11-26 23:47:39
ibm
ibm
archlinux
archlinux
libxml2: Denial of service
2014-10-24 00:00:00
libxml2: multiple issues
2015-12-09 00:00:00
rubygems
rubygems
Nokogiri gem contains several vulnerabilities in libxml2
2015-12-14 21:00:00
cloudfoundry
cloudfoundry
USN-2834-1 libxml2 vulnerability | Cloud Foundry
2016-01-07 00:00:00
kaspersky
kaspersky
KLA10452 Multiple vulnerabilities in VMware products
2015-01-27 00:00:00
vmware
vmware
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:N/I:N/A:C
0.006 Low
EPSS
Percentile
78.6%
Related for DEBIANCVE:CVE-2015-5312