libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

References

bugzilla.redhat.com/show_bug.cgi?id=1619875

alpinelinux 2

prion 3

cve 3

debiancve 3

ubuntucve 4

ibm 11

redhatcve 1

suse 3

nessus 49

openvas 29

mageia 2

amazon 2

f5 1

debian 4

veracode 4

archlinux 3

redhat 4

centos 1

oraclelinux 2

rubygems 2

fedora 6

altlinux 2

osv 37

ubuntu 2

cloudfoundry 1

freebsd 1

photon 2

gentoo 1

apple 8

kitploit 1

tenable 1

ics 1

alpinelinux

CVE-2018-14567

2018-08-16 20:29:00

CVE-2018-9251

2018-04-04 02:29:00

prion

Design/Logic Flaw

2018-08-16 20:29:00

Design/Logic Flaw

2018-04-04 02:29:00

Design/Logic Flaw

2015-11-18 16:59:00

cve

CVE-2018-14567

2018-08-16 20:29:00

CVE-2018-9251

2018-04-04 02:29:00

CVE-2015-8035

2015-11-18 16:59:00

debiancve

CVE-2018-14567

2018-08-16 20:29:00

CVE-2018-9251

2018-04-04 02:29:00

CVE-2015-8035

2015-11-18 16:59:00

ubuntucve

CVE-2018-14567

2018-07-31 00:00:00

CVE-2018-9251

2018-04-04 00:00:00

CVE-2015-8035

2015-11-02 00:00:00

ibm

Security Bulletin: Multiple Vulnerabilities in libxml2 affects IBM Watson Studio Local

2019-12-18 18:01:21

Security Bulletin: IBM MQ Appliance is affected by multiple libxml2 vulnerabilities

2020-07-27 09:24:37

Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities

2021-04-09 03:15:36

redhatcve

CVE-2018-9251

2018-04-09 20:20:56

suse

Security update for libxml2 (moderate)

2018-10-12 12:12:16

Security update for libxml2 (moderate)

2018-10-12 12:10:07

Security update for sles12-docker-image (important)

2016-03-16 15:28:52

nessus

Oracle Linux 8 : libxml2 (ELSA-2020-1827)

2023-09-07 00:00:00

openSUSE Security Update : libxml2 (openSUSE-2019-785)

2019-03-27 00:00:00

SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2018:3080-1)

2019-01-02 00:00:00

openvas

openSUSE: Security Advisory for libxml2 (openSUSE-SU-2018:3110-1)

2018-10-26 00:00:00

SUSE: Security Advisory (SUSE-SU-2018:3080-1)

2021-06-09 00:00:00

Mageia: Security Advisory (MGASA-2019-0047)

2022-01-28 00:00:00

mageia

Updated libxml2 packages fix security vulnerabilities

2019-01-23 18:50:09

Updated libxml2 packages fix security vulnerability

2015-11-06 01:46:03

amazon

Important: libxml2

2020-08-10 22:59:00

Important: libxml2

2020-07-21 16:34:00

K76678525 : libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567

2022-02-15 00:00:00

debian

[SECURITY] [DLA 1524-1] libxml2 security update

2018-09-27 20:04:03

[SECURITY] [DLA 2369-1] libxml2 security update

2020-09-09 22:41:50

[SECURITY] [DSA 3430-1] libxml2 security update

2015-12-23 13:19:18

veracode

Denial Of Service (DoS)

2020-04-01 00:39:17

Denial Of Service (DoS)

2018-08-01 07:49:45

Denial Of Service (DoS)

2020-04-29 02:42:19

archlinux

[ASA-201810-3] libxml2: denial of service

2018-10-01 00:00:00

[ASA-201810-4] lib32-libxml2: denial of service

2018-10-01 00:00:00

libxml2: multiple issues

2015-12-09 00:00:00

redhat

(RHSA-2020:1190) Moderate: libxml2 security update

2020-03-31 09:30:25

(RHSA-2020:1827) Moderate: libxml2 security update

2020-04-28 09:20:58

(RHSA-2020:3194) Important: Container-native Virtualization security, bug fix, and enhancement update

2020-07-28 18:02:45

centos

libxml2 security update

2020-04-08 18:42:56

oraclelinux

libxml2 security update

2020-04-06 00:00:00

libxml2 security update

2020-05-05 00:00:00

rubygems

Nokogiri gem, via libxml2, is affected by multiple vulnerabilities

2018-10-03 21:00:00

Nokogiri gem contains several vulnerabilities in libxml2 and libxslt

2015-04-13 21:00:00

fedora

[SECURITY] Fedora 28 Update: libxml2-2.9.8-4.fc28

2018-08-07 01:20:06

[SECURITY] Fedora 27 Update: libxml2-2.9.8-4.fc27

2018-08-09 16:53:03

[SECURITY] Fedora 22 Update: mingw-libxml2-2.9.3-1.fc22

2016-02-17 04:26:04

altlinux

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.9.0.52.f824-alt1

2019-05-22 00:00:00

Security fix for the ALT Linux 9 package libxml2 version 1:2.9.9.0.52.f824-alt1

2019-05-22 00:00:00

osv

libxml2 - security update

2018-09-27 00:00:00

CVE-2018-14567

2018-08-16 20:29:02

libxml2 - security update

2020-09-09 00:00:00

ubuntu

libxml2 vulnerabilities

2015-11-16 00:00:00

libxml2 vulnerabilities

2018-08-14 00:00:00

cloudfoundry

USN-3739-1: libxml2 vulnerabilities | Cloud Foundry

2018-09-11 00:00:00

freebsd

libxml2 -- multiple vulnerabilities

2015-11-20 00:00:00

photon

Critical Photon OS Security Update - PHSA-2019-0024

2019-07-31 00:00:00

Critical Photon OS Security Update - PHSA-2019-3.0-0024

2019-07-29 00:00:00

gentoo

libxml2: Multiple vulnerabilities

2017-01-16 00:00:00

apple

About the security content of tvOS 9.2

2016-03-21 00:00:00

About the security content of tvOS 9.2 - Apple Support

2017-01-23 03:54:34

About the security content of watchOS 2.2 - Apple Support

2017-01-23 03:54:34

kitploit

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

2019-11-05 12:00:00

tenable

[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities

2023-06-29 10:45:47

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

Related for RH:CVE-2018-14567