logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-24977

Description

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. #### Bugs * <https://bugs.launchpad.net/bugs/1895839> * <https://gitlab.gnome.org/GNOME/libxml2/-/issues/178> #### Notes Author| Note ---|--- [mdeslaur](<https://launchpad.net/~mdeslaur>) | only affects xmllint contrary to description, not fixed in 8e7c20a1


Affected Package


OS OS Version Package Name Package Version
ubuntu 20.04 libxml2 2.9.10+dfsg-5ubuntu0.20.04.1
ubuntu 20.10 libxml2 2.9.10+dfsg-5ubuntu0.20.10.2
ubuntu 12.04 libxml2 any
ubuntu 14.04 libxml2 2.9.1+dfsg1-3ubuntu4.13+esm2
ubuntu upstream libxml2 2.9.10+dfsg-6.2
ubuntu 16.04 libxml2 2.9.3+dfsg1-1ubuntu0.7+esm1

Related