MiracleLinux 8 : libxml2-2.9.7-7.el8 (AXSA:2020-301:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-301:02 advisory. libxml2: NULL pointer dereference in xmlXPathCompOpEval function in xpath.c CVE-2018-14404 libxml2: infinite loop in xzdecomp function in xzlib.c...

PT-2015-2754

Name of the Vulnerable Software and Affected Versions libxml2 version 2.9.1 Description The issue is related to the xz decomp function in xzlib.c, which does not properly handle compression errors. This allows attackers to cause a denial of service, resulting in a process hang, by providing craft...