Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-29469HistoryApr 24, 2023 - 9:15 p.m.
CVE-2023-29469
2023-04-2421:15:09
Debian Security Bug Tracker
security-tracker.debian.org
30
0.001 Low
EPSS
Percentile
41.1%
An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the ‘\0’ value).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | libxml2 | <Â 2.9.14+dfsg-1.2 | libxml2_2.9.14+dfsg-1.2_all.deb |
| Debian | 11 | all | libxml2 | <Â 2.9.10+dfsg-6.7+deb11u4 | libxml2_2.9.10+dfsg-6.7+deb11u4_all.deb |
| Debian | 10 | all | libxml2 | <Â 2.9.4+dfsg1-7+deb10u6 | libxml2_2.9.4+dfsg1-7+deb10u6_all.deb |
| Debian | 999 | all | libxml2 | <Â 2.9.14+dfsg-1.2 | libxml2_2.9.14+dfsg-1.2_all.deb |
| Debian | 13 | all | libxml2 | <Â 2.9.14+dfsg-1.2 | libxml2_2.9.14+dfsg-1.2_all.deb |
Related
nessus
nessus
FreeBSD : electron -- vulnerability (b09d77d0-b27c-48ae-b69b-9641bb68b39e)
2023-05-18 00:00:00
EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2023-2514)
2023-07-31 00:00:00
CentOS 8 : libxml2 (CESA-2023:4529)
2024-02-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-29469 affecting package libxml2 for versions less than 2.10.4-1
2023-08-03 02:51:21
redhatcve
redhatcve
CVE-2023-29469
2023-04-11 19:29:50
f5
f5
K000139592: libxml2 vulnerability CVE-2023-29469
2024-05-13 00:00:00
freebsd
freebsd
electron -- vulnerability
2023-05-17 00:00:00
libxml2 -- multiple vulnerabilities
2023-04-11 00:00:00
ibm
ibm
cvelist
cvelist
CVE-2023-29469
2023-04-24 00:00:00
veracode
veracode
Double Free
2023-04-20 04:30:38
cve
cve
CVE-2023-29469
2023-04-24 21:15:09
prion
prion
Double free
2023-04-24 21:15:00
alpinelinux
alpinelinux
CVE-2023-29469
2023-04-24 21:15:09
osv
osv
CVE-2023-29469
2023-04-24 21:15:09
libxml2 vulnerabilities
2023-04-19 13:42:53
libxml2 - security update
2023-04-30 00:00:00
ubuntucve
ubuntucve
CVE-2023-29469
2023-04-12 00:00:00
github
github
Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs
2023-04-11 21:48:01
openvas
openvas
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2527)
2023-08-01 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2504)
2023-08-01 00:00:00
Fedora: Security Advisory for libxml2 (FEDORA-2023-a521b917c8)
2023-04-19 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2321
2024-01-09 09:53:22
Advisory ROSA-SA-2023-2319
2023-12-26 12:04:20
oraclelinux
oraclelinux
libxml2 security update
2023-08-10 00:00:00
libxml2 security update
2023-08-02 00:00:00
aix
aix
AIX is vulnerable to a denial of service due to libxml2
2023-07-25 11:08:32
ubuntu
ubuntu
libxml2 vulnerabilities
2023-04-19 00:00:00
libxml2 vulnerabilities
2023-06-07 00:00:00
redos
redos
ROS-20230616-04
2023-06-16 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: libxml2-2.10.4-1.fc38
2023-04-18 01:40:06
[SECURITY] Fedora 37 Update: libxml2-2.10.4-1.fc37
2023-04-18 01:32:12
redhat
redhat
(RHSA-2023:4529) Moderate: libxml2 security update
2023-08-08 07:21:37
(RHSA-2023:4349) Moderate: libxml2 security update
2023-08-01 07:58:11
(RHSA-2024:0413) Moderate: libxml2 security update
2024-01-24 14:40:23
rocky
rocky
libxml2 security update
2023-10-06 23:10:01
debian
debian
[SECURITY] [DLA 3405-1] libxml2 security update
2023-04-30 11:30:47
[SECURITY] [DSA 5391-1] libxml2 security update
2023-04-20 20:46:15
almalinux
almalinux
Moderate: libxml2 security update
2023-08-08 00:00:00
Moderate: libxml2 security update
2023-08-01 00:00:00
amazon
amazon
Medium: libxml2
2023-04-27 18:36:00
Medium: libxml2
2023-04-27 16:19:00
cloudfoundry
cloudfoundry
USN-6028-1: libxml2 vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0569
2023-04-23 00:00:00
Moderate Photon OS Security Update - PHSA-2023-5.0-0001
2023-05-02 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0380
2023-04-25 00:00:00
mageia
mageia
Updated libxml2 packages fix security vulnerability
2023-05-06 21:19:07
gentoo
gentoo
libxml2: Multiple Vulnerabilities
2024-02-09 00:00:00
slackware
slackware
[slackware-security] libxml2
2023-12-10 01:15:09
apple
apple
About the security content of iOS 16.5 and iPadOS 16.5
2023-05-18 00:00:00
About the security content of macOS Ventura 13.4
2023-05-18 00:00:00
ics
ics
Siemens Telecontrol Server Basic
2024-04-11 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00