parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a ‘%’ character in a DTD name.

References

xmlsoft.org/news.html

bugzilla.gnome.org/show_bug.cgi?id=766956

github.com/GNOME/libxml2/commit/e26630548e7d138d2c560844c43820b6767251e3

lists.debian.org/debian-lts-announce/2017/11/msg00041.html

www.oracle.com//security-alerts/cpujul2021.html

osv 32

nessus 50

openvas 36

archlinux 2

freebsd 2

fedora 6

suse 4

gentoo 1

oraclelinux 4

debian 6

ibm 21

centos 4

amazon 3

redhat 4

f5 2

veracode 3

altlinux 3

symantec 1

ubuntu 3

cloudfoundry 2

rubygems 2

mageia 2

ubuntucve 1

nvd 1

cvelist 1

cve 1

prion 1

debiancve 1

osv

CVE-2016-4483

2017-04-11 16:59:00

CVE-2017-9047

2017-05-18 06:29:00

CVE-2018-14404

2018-07-19 13:29:00

nessus

Fedora 22 : libxml2-2.9.3-1.fc22 (2015-037f844d3e)

2016-03-04 00:00:00

Fedora 23 : libxml2-2.9.3-1.fc23 (2015-c24af963a2)

2016-03-04 00:00:00

openSUSE Security Update : libxml2 (openSUSE-2015-959)

2015-12-29 00:00:00

openvas

Fedora Update for libxml2 FEDORA-2015-037

2015-12-01 00:00:00

openSUSE: Security Advisory for libxml2 (openSUSE-SU-2016:1594-1)

2016-06-17 00:00:00

Oracle: Security Advisory (ELSA-2015-2550)

2015-12-08 00:00:00

archlinux

libxml2: multiple issues

2015-12-09 00:00:00

libxml2: multiple issues

2016-05-26 00:00:00

freebsd

libxml2 -- multiple vulnerabilities

2016-05-23 00:00:00

libxml2 -- multiple vulnerabilities

2015-11-20 00:00:00

fedora

[SECURITY] Fedora 22 Update: libxml2-2.9.3-1.fc22

2015-11-30 23:26:43

[SECURITY] Fedora 23 Update: libxml2-2.9.3-1.fc23

2015-11-26 21:01:32

[SECURITY] Fedora 25 Update: libxml2-2.9.4-2.fc25

2017-04-19 09:32:17

suse

Security update for libxml2 (important)

2016-06-16 13:08:21

Security update for libxml2 (important)

2016-06-16 13:10:48

Security update for libxml2 (important)

2016-06-17 15:08:25

gentoo

libxml2: Multiple vulnerabilities

2017-01-16 00:00:00

oraclelinux

libxml2 security update

2015-12-07 00:00:00

libxml2 security update

2015-12-07 00:00:00

libxml2 security update

2016-06-23 00:00:00

debian

[SECURITY] [DSA 3430-1] libxml2 security update

2015-12-23 13:19:18

[SECURITY] [DSA 3430-1] libxml2 security update

2015-12-23 13:19:18

[SECURITY] [DLA 503-1] libxml2 security update

2016-06-03 19:22:01

ibm

Security Bulletin: OpenSource libXML2 Vulnerabilities affect Identity Insight 8.1

2018-06-16 13:38:33

Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Cognos Metrics Manager (CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8241, CVE-2015-8317)

2018-06-15 23:15:11

Security Bulletin: Multiple vulnerabilities in Libxml2 affect Rational Systems Tester

2018-06-17 05:07:59

centos

libxml2 security update

2015-12-07 13:26:33

libxml2 security update

2015-12-07 20:38:05

libxml2 security update

2016-06-23 15:28:21

amazon

Medium: libxml2

2015-12-14 10:00:00

Medium: libxml2

2019-05-29 19:14:00

Important: libxml2

2016-07-14 16:30:00

redhat

(RHSA-2015:2549) Moderate: libxml2 security update

2015-12-07 00:00:00

(RHSA-2015:2550) Moderate: libxml2 security update

2015-12-07 10:04:33

(RHSA-2016:1292) Important: libxml2 security update

2016-06-23 08:21:08

K61570943 : Multiple libXML2 vulnerabilities

2016-02-15 00:00:00

SOL61570943 - libXML2 vulnerabilities CVE-2015-7941 and CVE-2015-7942

2016-02-15 00:00:00

veracode

Denial Of Service (DoS)

2019-05-02 05:51:46

Information Disclosure

2019-05-02 05:51:46

Denial Of Service (DoS)

2019-05-02 05:51:46

altlinux

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.4.0.12.e905-alt1

2017-03-03 00:00:00

Security fix for the ALT Linux 9 package libxml2 version 1:2.9.4.0.12.e905-alt1

2017-03-03 00:00:00

Security fix for the ALT Linux 8 package libxml2 version 1:2.9.4.0.12.e905-alt1

2017-03-07 00:00:00

symantec

SA129 : Multiple libxml2 Vulnerabilities

2016-09-01 08:00:00

ubuntu

libxml2 vulnerabilities

2016-06-06 00:00:00

libxml2 vulnerabilities

2015-12-14 00:00:00

libxml2 vulnerabilities

2015-11-16 00:00:00

cloudfoundry

USN-2994-1 libxml2 vulnerabilities | Cloud Foundry

2016-06-13 00:00:00

USN-2834-1 libxml2 vulnerability | Cloud Foundry

2016-01-07 00:00:00

rubygems

Nokogiri gem contains several vulnerabilities in libxml2

2015-12-14 21:00:00

Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

2015-04-13 21:00:00

mageia

Updated libxml2 packages fix security vulnerability

2016-07-27 00:59:16

Updated libxml2 packages fix security vulnerabilities

2015-11-26 23:47:39

ubuntucve

CVE-2015-7942

2015-10-23 00:00:00

nvd

CVE-2015-7942

2015-11-18 16:59:06

cvelist

CVE-2015-7942

2015-11-18 16:00:00

cve

CVE-2015-7942

2015-11-18 16:59:06

prion

Out-of-bounds

2015-11-18 16:59:00

debiancve

CVE-2015-7942

2015-11-18 16:59:06

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

9.1

Confidence

High

EPSS

0.046

Percentile

92.6%

JSON

Related for OSV:CVE-2017-16931