It was discovered that lixml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2023-28484)

It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2023-29469)

References

ubuntu.com/security/CVE-2023-28484

ubuntu.com/security/CVE-2023-29469

ubuntu.com/security/notices/USN-6028-1

nessus 51

oraclelinux 2

github 1

openvas 29

rosalinux 2

ibm 13

redos 1

rocky 1

osv 8

redhat 46

fedora 2

amazon 2

debian 2

almalinux 2

aix 1

ubuntu 2

cloudfoundry 1

freebsd 2

photon 3

mageia 1

gentoo 1

slackware 1

alpinelinux 2

debiancve 2

redhatcve 2

cbl_mariner 2

veracode 2

cve 2

prion 2

ubuntucve 2

ics 2

apple 2

tenable 1

oracle 3

nessus

Fedora 38 : libxml2 (2023-a521b917c8)

2023-04-18 00:00:00

Oracle Linux 8 : libxml2 (ELSA-2023-4529)

2023-08-15 00:00:00

EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2023-2514)

2023-07-31 00:00:00

oraclelinux

libxml2 security update

2023-08-10 00:00:00

libxml2 security update

2023-08-02 00:00:00

github

Nokogiri updates packaged libxml2 to v2.10.4 to resolve multiple CVEs

2023-04-11 21:48:01

openvas

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2527)

2023-08-01 00:00:00

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2504)

2023-08-01 00:00:00

SUSE: Security Advisory (SUSE-SU-2023:2054-1)

2023-04-28 00:00:00

rosalinux

Advisory ROSA-SA-2024-2321

2024-01-09 09:53:22

Advisory ROSA-SA-2023-2319

2023-12-26 12:04:20

ibm

Security Bulletin: Vulnerabilities in libxml2 library (CVE-2023-28484, CVE-2023-29469) affect Power HMC.

2024-04-16 17:05:35

Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2023-29469 and CVE-2023-28484)

2023-10-11 19:02:33

Security Bulletin: GNOME libxml2 vulnerability affects IBM Safer Payments (CVE-2023-29469)

2023-07-28 13:39:38

redos

ROS-20230616-04

2023-06-16 00:00:00

rocky

libxml2 security update

2023-10-06 23:10:01

osv

libxml2 - security update

2023-04-30 00:00:00

libxml2 - security update

2023-04-20 00:00:00

Moderate: libxml2 security update

2023-08-01 00:00:00

redhat

(RHSA-2023:4529) Moderate: libxml2 security update

2023-08-08 07:21:37

(RHSA-2023:4349) Moderate: libxml2 security update

2023-08-01 07:58:11

(RHSA-2024:0413) Moderate: libxml2 security update

2024-01-24 14:40:23

fedora

[SECURITY] Fedora 38 Update: libxml2-2.10.4-1.fc38

2023-04-18 01:40:06

[SECURITY] Fedora 37 Update: libxml2-2.10.4-1.fc37

2023-04-18 01:32:12

amazon

Medium: libxml2

2023-04-27 18:36:00

Medium: libxml2

2023-04-27 16:19:00

debian

[SECURITY] [DLA 3405-1] libxml2 security update

2023-04-30 11:30:47

[SECURITY] [DSA 5391-1] libxml2 security update

2023-04-20 20:46:15

almalinux

Moderate: libxml2 security update

2023-08-08 00:00:00

Moderate: libxml2 security update

2023-08-01 00:00:00

aix

AIX is vulnerable to a denial of service due to libxml2

2023-07-25 11:08:32

ubuntu

libxml2 vulnerabilities

2023-04-19 00:00:00

libxml2 vulnerabilities

2023-06-07 00:00:00

cloudfoundry

USN-6028-1: libxml2 vulnerabilities | Cloud Foundry

2023-04-29 00:00:00

freebsd

libxml2 -- multiple vulnerabilities

2023-04-11 00:00:00

electron -- vulnerability

2023-05-17 00:00:00

photon

Moderate Photon OS Security Update - PHSA-2023-3.0-0569

2023-04-23 00:00:00

Moderate Photon OS Security Update - PHSA-2023-5.0-0001

2023-05-02 00:00:00

Critical Photon OS Security Update - PHSA-2023-4.0-0380

2023-04-25 00:00:00

mageia

Updated libxml2 packages fix security vulnerability

2023-05-06 21:19:07

gentoo

libxml2: Multiple Vulnerabilities

2024-02-09 00:00:00

slackware

[slackware-security] libxml2

2023-12-10 01:15:09

alpinelinux

CVE-2023-28484

2023-04-24 21:15:09

CVE-2023-29469

2023-04-24 21:15:09

debiancve

CVE-2023-28484

2023-04-24 21:15:09

CVE-2023-29469

2023-04-24 21:15:09

redhatcve

CVE-2023-29469

2023-04-11 19:29:50

CVE-2023-28484

2023-04-11 19:29:40

cbl_mariner

CVE-2023-28484 affecting package libxml2 for versions less than 2.10.4-1

2023-08-03 02:51:21

CVE-2023-29469 affecting package libxml2 for versions less than 2.10.4-1

2023-08-03 02:51:21

veracode

Double Free

2023-04-20 04:30:38

Denial Of Service (DoS)

2023-04-25 08:12:01

cve

CVE-2023-29469

2023-04-24 21:15:09

CVE-2023-28484

2023-04-24 21:15:09

prion

Null pointer dereference

2023-04-24 21:15:00

Double free

2023-04-24 21:15:00

ubuntucve

CVE-2023-28484

2023-04-12 00:00:00

CVE-2023-29469

2023-04-12 00:00:00

ics

Siemens Telecontrol Server Basic

2024-04-11 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

apple

About the security content of iOS 16.5 and iPadOS 16.5

2023-05-18 00:00:00

About the security content of macOS Ventura 13.4

2023-05-18 00:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

oracle

Oracle Critical Patch Update Advisory - January 2024

2024-01-16 00:00:00

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

7 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

41.1%

JSON

Related for OSV:USN-6028-1