Lucene search
K

12 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.4 views

SUSE CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

3.3CVSS7AI score0.02706EPSS
Exploits0References23
BDU FSTEC
BDU FSTEC
added 2021/07/02 12:0 a.m.7 views

The vulnerability of the xz_head function in the xzlib.c component of the Libxml2 library, related to a lack of resource allocation mechanism, allows attackers to cause service failures.

The vulnerability of the xzhead function in the xzlib.c component of the Libxml2 library is related to the lack of memory constraints. Exploiting this vulnerability allows a remote attacker to cause a service failure through the use of a specially created LZMA file...

6.5CVSS6.6AI score0.02706EPSS
Exploits0References11Affected Software4
Tenable Nessus
Tenable Nessus
added 2018/10/15 12:0 a.m.33 views

openSUSE Security Update : libxml2 (openSUSE-2018-1149)

This update for libxml2 fixes the following security issues : - CVE-2018-9251: The xzdecomp function allowed remote attackers to cause a denial of service infinite loop via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint bsc1088279. - CVE-2018-14567: Prevent denial ...

7.5CVSS6.3AI score0.043EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2018/08/16 4:6 p.m.5 views

libxml2: Unrestricted memory usage in xz_head() function in xzlib.c

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS7.3AI score0.02706EPSS
Exploits0References4
OSV
OSV
added 2018/04/13 4:17 p.m.29 views

GHSA-882P-JQGM-F45G Uncontrolled resource consumption in nokogiri

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS6.4AI score0.02706EPSS
Exploits0References9
RubySec
RubySec
added 2018/04/13 12:0 a.m.33 views

Moderate severity vulnerability that affects nokogiri

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. References: -...

6.5CVSS7.2AI score0.02706EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2018/04/09 12:0 a.m.2 views

libxml2 Denial of Service Vulnerability (CNVD-2018-08420)

libxml2 is the GNOME project team developed a C-based library for parsing XML documents, which supports multiple encoding formats, Xpath parsing, Well-formed and valid validation. A security vulnerability exists in the 'xzhead' function of the xzlib.c file in versions of libxml2 prior to 2.9.6,...

6.5CVSS9.1AI score0.02706EPSS
Exploits0References1
NVD
NVD
added 2018/04/08 5:29 p.m.24 views

CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS6.4AI score0.02706EPSS
Exploits0References6
OSV
OSV
added 2018/04/08 5:29 p.m.1 views

DEBIAN-CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS8.8AI score0.02706EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2018/04/08 5:0 p.m.34 views

CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS6.8AI score0.02706EPSS
Exploits0
OSV
OSV
added 2018/04/08 12:0 a.m.4 views

UBUNTU-CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS6.7AI score0.02706EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/04/08 12:0 a.m.35 views

CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

6.5CVSS6.8AI score0.02706EPSS
Exploits0References2
Rows per page
Query Builder