Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:22902
HistoryApr 01, 2020 - 12:39 a.m.

Denial Of Service (DoS)

2020-04-0100:39:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
libxml2
denial of service
vulnerability
lzma decompression

EPSS

0.007

Percentile

80.7%

libxml2 is vulnerable to denial of service (DoS). The vulnerability exists through an infinite loop caused by incorrect error detection during LZMA decompression.

Affected configurations

Vulners
Node
libxml2Match2.9.1_5.ael7b_1.2
OR
-libxml2\Matchbuster2.9.4+dfsg1-7+b3
OR
-libxml2\Matchstretch2.9.4+dfsg1-2.2+deb9u2
VendorProductVersionCPE
*libxml22.9.1_5.ael7b_1.2cpe:2.3:a:*:libxml2:2.9.1_5.ael7b_1.2:*:*:*:*:*:*:*
-libxml2\bustercpe:2.3:a:-:libxml2\:buster:2.9.4+dfsg1-7+b3:*:*:*:*:*:*:*
-libxml2\stretchcpe:2.3:a:-:libxml2\:stretch:2.9.4+dfsg1-2.2+deb9u2:*:*:*:*:*:*:*