CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

SUSE CVE•added 2023/02/15 4:35 a.m.•4 views

SUSE CVE-2017-18258

The xzhead function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service memory consumption via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file...

3.3CVSS7AI score0.02706EPSS

Exploits0References23

BDU FSTEC•added 2021/07/02 12:0 a.m.•6 views

The vulnerability of the xz_head function in the xzlib.c component of the Libxml2 library, related to a lack of resource allocation mechanism, allows attackers to cause service failures.

The vulnerability of the xzhead function in the xzlib.c component of the Libxml2 library is related to the lack of memory constraints. Exploiting this vulnerability allows a remote attacker to cause a service failure through the use of a specially created LZMA file...

6.5CVSS6.6AI score0.02706EPSS

Exploits0References11Affected Software4

RedHat Linux•added 2018/08/16 4:6 p.m.•2 views

libxml2: Unrestricted memory usage in xz_head() function in xzlib.c

6.5CVSS7.3AI score0.02706EPSS

Exploits0References4

OSV•added 2018/04/13 4:17 p.m.•29 views

GHSA-882P-JQGM-F45G Uncontrolled resource consumption in nokogiri

6.5CVSS6.4AI score0.02706EPSS

Exploits0References9

CNVD•added 2018/04/09 12:0 a.m.•2 views

libxml2 Denial of Service Vulnerability (CNVD-2018-08420)

libxml2 is the GNOME project team developed a C-based library for parsing XML documents, which supports multiple encoding formats, Xpath parsing, Well-formed and valid validation. A security vulnerability exists in the 'xzhead' function of the xzlib.c file in versions of libxml2 prior to 2.9.6,...

6.5CVSS9.1AI score0.02706EPSS

Exploits0References1