CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

SUSE CVE•added 2023/02/15 4:35 a.m.•2 views

SUSE CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

3.3CVSS7AI score0.00898EPSS

Exploits0References23

Tenable Nessus•added 2018/10/15 12:0 a.m.•33 views

openSUSE Security Update : libxml2 (openSUSE-2018-1149)

This update for libxml2 fixes the following security issues : - CVE-2018-9251: The xzdecomp function allowed remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint bsc1088279. - CVE-2018-14567: Prevent denial ...

7.5CVSS6.3AI score0.20012EPSS

Exploits1References8

RedHat Linux•added 2018/08/16 4:6 p.m.•2 views

libxml2: Unrestricted memory usage in xz_head() function in xzlib.c

6.5CVSS7.3AI score0.00898EPSS

Exploits0References4

OSV•added 2018/04/13 4:17 p.m.•29 views

GHSA-882P-JQGM-F45G Uncontrolled resource consumption in nokogiri

6.5CVSS6.4AI score0.00898EPSS

Exploits0References9

RubySec•added 2018/04/13 12:0 a.m.•33 views

Moderate severity vulnerability that affects nokogiri

6.5CVSS7.2AI score0.00898EPSS

Exploits0References1Affected Software1

CNVD•added 2018/04/09 12:0 a.m.•2 views

libxml2 Denial of Service Vulnerability (CNVD-2018-08420)

libxml2 is the GNOME project team developed a C-based library for parsing XML documents, which supports multiple encoding formats, Xpath parsing, Well-formed and valid validation. A security vulnerability exists in the 'xzhead' function of the xzlib.c file in versions of libxml2 prior to 2.9.6,...

6.5CVSS9.1AI score0.00898EPSS

Exploits0References1

OSV•added 2018/04/08 5:29 p.m.•1 views

DEBIAN-CVE-2017-18258

6.5CVSS8.8AI score0.00898EPSS

Exploits0References1