6939 matches found

AlpineLinux
added 2021/05/18 11:20 a.m. | 83 views

CVE-2021-3518

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability...

8.8 CVSS | 8.7 AI score | 0.03653 EPSS
Exploits 0

Rockylinux
added 2021/05/18 6:21 a.m. | 39 views

python-lxml security update

An update is available for python-lxml. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list lxml is an XML processing library providing access to libxml2 and libxslt...

6.1 CVSS | 6.8 AI score | 0.03934 EPSS
Exploits 1

AlmaLinux
added 2021/05/18 5:36 a.m. | 60 views

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal in entities.c CVE-2020-24977 For more details about the security issues, including the impact, a CVSS score,...

6.4 CVSS | 1.8 AI score | 0.03672 EPSS
Exploits 1 | References 1

OSV
added 2021/05/18 5:36 a.m. | 36 views

RLSA-2021:1597 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal in entities.c CVE-2020-24977 For more details about the security issues, including the impact, a CVSS score,...

6.5 CVSS | 7.2 AI score | 0.03672 EPSS
Exploits 1 | References 2

Rockylinux
added 2021/05/18 5:36 a.m. | 36 views

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

6.5 CVSS | 7.5 AI score | 0.03672 EPSS
Exploits 1

FreeBSD
added 2021/05/18 12:0 a.m. | 33 views

libxml2 -- Possible denial of service

Daniel Veillard reports: A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service...

6.5 CVSS | 2.7 AI score | 0.01861 EPSS
Exploits 0 | References 2

UbuntuCve
added 2021/05/18 12:0 a.m. | 30 views

CVE-2021-3541

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service...

6.5 CVSS | 6.8 AI score | 0.01861 EPSS
Exploits 0 | References 6

Tenable Nessus
added 2021/05/18 12:0 a.m. | 38 views

openSUSE Security Update : libxml2 (openSUSE-2021-692)

This update for libxml2 fixes the following issues : - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess bsc1185408. - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal bsc1185410. - CVE-2021-3516: Fixed a use after free in...

8.8 CVSS | 7.5 AI score | 0.0828 EPSS
Exploits 1 | References 6

OSV
added 2021/05/18 12:0 a.m. | 1 views

UBUNTU-CVE-2021-3541

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service...

6.5 CVSS | 6.7 AI score | 0.01861 EPSS
Exploits 0 | References 7

Snyk
added 2021/05/17 8:52 p.m. | 3 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8 CVSS | 8.3 AI score | 0.0828 EPSS
Exploits 1 | References 2

Snyk
added 2021/05/17 8:52 p.m. | 1 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8 CVSS | 7.1 AI score | 0.0828 EPSS
Exploits 1 | References 2

Snyk
added 2021/05/17 8:52 p.m. | 2 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8 CVSS | 7.1 AI score | 0.0828 EPSS
Exploits 1 | References 2

Snyk
added 2021/05/17 8:52 p.m. | 1 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8 CVSS | 7.4 AI score | 0.0828 EPSS
Exploits 1 | References 2

OSV
added 2021/05/17 8:52 p.m. | 62 views

GHSA-7RRM-V45F-JP64 Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

Summary Nokogiri v1.11.4 updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 Medium severity - CVE-2020-24977 Medium severity - CVE-2021-3517 Medium severity - CVE-2021-3518 Medium severity - CVE-2021-3537 Low severity - CVE-2021-3541 Low severity Note that two...

6.5 CVSS | 7.2 AI score | 0.01861 EPSS
Exploits 0 | References 4

Snyk
added 2021/05/17 8:52 p.m. | 4 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8 CVSS | 7.1 AI score | 0.0828 EPSS
Exploits 1 | References 2

Snyk
added 2021/05/17 8:52 p.m. | 3 views

Denial of Service (DoS)

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS. Vulnerable version of libxml2 was used. The fix to this updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 -...

8.8 CVSS | 7.1 AI score | 0.0828 EPSS
Exploits 1 | References 2

Github Security Blog
added 2021/05/17 8:52 p.m. | 160 views

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12

Summary Nokogiri v1.11.4 updates the vendored libxml2 from v2.9.10 to v2.9.12 which addresses: - CVE-2019-20388 Medium severity - CVE-2020-24977 Medium severity - CVE-2021-3517 Medium severity - CVE-2021-3518 Medium severity - CVE-2021-3537 Low severity - CVE-2021-3541 Low severity Note that two...

8.8 CVSS | 8.3 AI score | 0.0828 EPSS
Exploits 2 | References 4 | Affected Software 1

CNVD
added 2021/05/17 12:0 a.m. | 11 views

libxml2 Null Pointer Dereference Vulnerability

libxml2 is a software library for parsing XML documents. A null pointer dereference vulnerability exists in libxml2 versions prior to 2.9.11. An attacker can exploit this vulnerability to crash a program via a specially crafted XML document...

5.9 CVSS | 6.6 AI score | 0.03503 EPSS
Exploits 0 | References 1

Tenable Nessus
added 2021/05/17 12:0 a.m. | 41 views

Slackware 14.0 / 14.1 / 14.2 / current : libxml2 (SSA:2021-135-01)

New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2021-135-01. The text itself is...

6.5 CVSS | 7.2 AI score | 0.01861 EPSS
Exploits 0 | References 2

Slackware Linux
added 2021/05/15 6:12 p.m. | 77 views

[slackware-security] libxml2

New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libxml2-2.9.12-i586-1slack14.2.txz: Upgraded. This update fixes a denial-of-service security issue. For more informatio...

6.5 CVSS | 0.4 AI score | 0.01861 EPSS
Exploits 0