SUSE CVE-2017-5969

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML...

Denial Of Service (DoS)

libxml2 is vulnerable to denial of service DoS. The vulnerability exists when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option whic...

Internet Bug Bounty: CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference)

I first reported this bug to the developers on 20 November 2015. A patch was finally committed on 7 June 2017 here. The caveat here is that this only happens in recover mode which the developers say no sane person should ever use in production and/or against untrusted inputs. A CVE was assigned i...

DEBIAN-CVE-2017-5969

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML...

CVE-2017-5969

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML...

ALPINE-CVE-2017-5969

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML...

UBUNTU-CVE-2017-5969

libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML...

PT-2017-4233 · Xmlsoft +2 · Libxml2 +2

Name of the Vulnerable Software and Affected Versions: libxml2 version 2.9.4 Description: The issue is related to a denial of service caused by a NULL pointer dereference when libxml2 is used in recover mode. This can be triggered by a remote attacker via a crafted XML document. The maintainer of...