Lucene search

Moderate: Red Hat Security Advisory: libxml2 security update

🗓️ 31 Mar 2020 20:50:22Reported by RedHatType

Moderate security update for libxml2 library, addressing multiple use after free vulnerabilities and DoS attack

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 199
Tenable Nessus	Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20200407)	21 Apr 202000:00	–	nessus
Tenable Nessus	RHEL 7 : libxml2 (RHSA-2020:1190)	1 Apr 202000:00	–	nessus
Tenable Nessus	Oracle Linux 7 : libxml2 (ELSA-2020-1190)	7 Sep 202300:00	–	nessus
Tenable Nessus	NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0060)	9 Dec 202000:00	–	nessus
Tenable Nessus	NewStart CGSL CORE 5.05 / MAIN 5.05 : libxml2 Multiple Vulnerabilities (NS-SA-2020-0091)	9 Dec 202000:00	–	nessus
Tenable Nessus	CentOS 7 : libxml2 (RHSA-2020:1190)	10 Apr 202000:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libxml2 (ALAS-2020-1466)	23 Jul 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : libxml2 (ALAS-2020-1415)	13 Aug 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-1316)	1 May 201900:00	–	nessus
Tenable Nessus	RHEL 8 : libxml2 (Unpatched Vulnerability)	11 May 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
RedHat	7	i686	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.i686.rpm
RedHat	7	ppc	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.ppc.rpm
RedHat	7	ppc64	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.ppc64.rpm
RedHat	7	ppc64le	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.ppc64le.rpm
RedHat	7	s390	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.s390.rpm
RedHat	7	s390x	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.s390x.rpm
RedHat	7	x86_64	libxml2	2.9.1-6.el7.4	libxml2-2.9.1-6.el7.4.x86_64.rpm
RedHat	7	i686	libxml2-debuginfo	2.9.1-6.el7.4	libxml2-debuginfo-2.9.1-6.el7.4.i686.rpm
RedHat	7	ppc	libxml2-debuginfo	2.9.1-6.el7.4	libxml2-debuginfo-2.9.1-6.el7.4.ppc.rpm
RedHat	7	ppc64	libxml2-debuginfo	2.9.1-6.el7.4	libxml2-debuginfo-2.9.1-6.el7.4.ppc64.rpm

Source	Link
access	www.access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index
access	www.access.redhat.com/security/cve/CVE-2015-8035
access	www.access.redhat.com/security/cve/CVE-2016-5131
access	www.access.redhat.com/security/cve/CVE-2017-15412
access	www.access.redhat.com/security/cve/CVE-2017-18258
access	www.access.redhat.com/security/cve/CVE-2018-14404
access	www.access.redhat.com/security/cve/CVE-2018-14567
access	www.access.redhat.com/security/updates/classification/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Mar 2020 20:22Current

8.1High risk

Vulners AI Score8.1

CVSS26.8

CVSS38.8

EPSS0.2363

libxml2 security update use after free dos xpointer paths xmlxpathcompopevalpositionalpredicate xz decompression null pointer dereference memory usage lzma decompression