logo
DATABASE RESOURCES PRICING ABOUT US

Denial Of Service (DoS)

Description

libxml2.so is vulnerable to denial of service (DoS). The attack is possible due to a lack of proper memory handing in the function `xmlParseBalancedChunkMemoryRecover` in `parser.c`, leading to an application crash.


Affected Software


CPE Name Name Version
libxml2.so 2.9.90
libxml2.so 2.7.6
jbcs-httpd24-curl 7.64.1__21.jbcs.el6
jbcs-httpd24-curl 7.64.1__14.jbcs.el6
jbcs-httpd24-curl 7.64.1__21.jbcs.el7
jbcs-httpd24-curl 7.64.1__14.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.12__13.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native 1.3.12__13.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.1__10.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native 1.3.8__1.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native 1.3.1__10.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.12__9.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.8__1.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.12__9.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native 1.3.5__13.Final_redhat_1.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.8__3.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.8__1.Final_redhat_1.jbcs.el7
jbcs-httpd24-mod_cluster-native 1.3.5__13.Final_redhat_1.jbcs.el6
jbcs-httpd24-mod_cluster-native 1.3.8__1.Final_redhat_1.jbcs.el6
jbcs-httpd24-mod_cluster-native 1.3.8__3.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_http2 1.11.3__8.jbcs.el6
jbcs-httpd24-mod_http2 1.11.3__8.jbcs.el7
jbcs-httpd24-mod_security 2.9.2__16.GA.jbcs.el6
jbcs-httpd24-mod_security 2.9.1__19.GA.jbcs.el6
jbcs-httpd24-mod_security 2.9.1__23.GA.jbcs.el7
jbcs-httpd24-mod_security 2.8.0__13.GA.jbcs.el7
jbcs-httpd24-mod_security 2.8.0__13.GA.jbcs.el6
jbcs-httpd24-mod_security 2.9.1__18.GA.jbcs.el6
jbcs-httpd24-mod_security 2.9.1__18.GA.jbcs.el7
jbcs-httpd24-mod_security 2.9.2__20.GA.jbcs.el6
jbcs-httpd24-mod_security 2.9.1__23.GA.jbcs.el6
jbcs-httpd24-mod_security 2.9.2__16.GA.jbcs.el7
jbcs-httpd24-mod_security 2.9.1__19.GA.jbcs.el7
jbcs-httpd24-mod_security 2.9.2__20.GA.jbcs.el7
jbcs-httpd24-mod_jk 1.2.41__14.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk 1.2.40__10.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk 1.2.43__1.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk 1.2.46__1.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk 1.2.40__10.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk 1.2.46__26.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk 1.2.46__22.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk 1.2.43__1.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk 1.2.46__22.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk 1.2.46__26.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk 1.2.46__1.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk 1.2.41__14.redhat_1.jbcs.el7
jbcs-httpd24-nghttp2 1.39.2__1.jbcs.el7
jbcs-httpd24-nghttp2 1.12.0__9.jbcs.el7
jbcs-httpd24-nghttp2 1.29.0__9.jbcs.el6
jbcs-httpd24-nghttp2 1.39.2__4.jbcs.el6
jbcs-httpd24-nghttp2 1.29.0__8.jbcs.el7
jbcs-httpd24-nghttp2 1.39.2__1.jbcs.el6
jbcs-httpd24-nghttp2 1.12.0__9.jbcs.el6
jbcs-httpd24-nghttp2 1.39.2__10.jbcs.el7
jbcs-httpd24-nghttp2 1.29.0__9.jbcs.el7
jbcs-httpd24-nghttp2 1.29.0__8.jbcs.el6
jbcs-httpd24-nghttp2 1.39.2__4.jbcs.el7
jbcs-httpd24-nghttp2 1.39.2__10.jbcs.el6
jbcs-httpd24-httpd 2.4.6__75.jbcs.el7
jbcs-httpd24-httpd 2.4.6__75.jbcs.el6
jbcs-httpd24-httpd 2.4.37__41.jbcs.el7
jbcs-httpd24-httpd 2.4.37__52.jbcs.el7
jbcs-httpd24-httpd 2.4.23__114.jbcs.el6
jbcs-httpd24-httpd 2.4.6__77.SP1.jbcs.el7
jbcs-httpd24-httpd 2.4.29__41.jbcs.el7
jbcs-httpd24-httpd 2.4.29__40.jbcs.el7
jbcs-httpd24-httpd 2.4.23__125.jbcs.el6
jbcs-httpd24-httpd 2.4.23__120.jbcs.el7
jbcs-httpd24-httpd 2.4.29__17.jbcs.el6
jbcs-httpd24-httpd 2.4.29__17.jbcs.el7
jbcs-httpd24-httpd 2.4.23__102.jbcs.el7
jbcs-httpd24-httpd 2.4.37__33.jbcs.el6
jbcs-httpd24-httpd 2.4.37__33.jbcs.el7
jbcs-httpd24-httpd 2.4.37__41.jbcs.el6
jbcs-httpd24-httpd 2.4.23__122.jbcs.el6
jbcs-httpd24-httpd 2.4.23__120.jbcs.el6
jbcs-httpd24-httpd 2.4.23__122.jbcs.el7
jbcs-httpd24-httpd 2.4.23__102.jbcs.el6
jbcs-httpd24-httpd 2.4.29__40.jbcs.el6
jbcs-httpd24-httpd 2.4.6__77.SP1.jbcs.el6
jbcs-httpd24-httpd 2.4.23__125.jbcs.el7
jbcs-httpd24-httpd 2.4.29__35.jbcs.el6
jbcs-httpd24-httpd 2.4.29__41.jbcs.el6
jbcs-httpd24-httpd 2.4.23__114.jbcs.el7
jbcs-httpd24-httpd 2.4.29__35.jbcs.el7
libxml2 2.9.7__7.el8
libxml2 2.9.7__5.el8
libxml2 2.9.1__5.ael7b_1.2
libxml2:buster 2.9.4+dfsg1-7+b3
libxml2:stretch 2.9.4+dfsg1-2.2+deb9u2
libxml2 2.7.8.7
libxml2 2.7.8.2

Related