CVSS: 7.5EPSS: 1%CPEs: 25EXPL: 0CVE-2021-3537 – libxml2: NULL pointer dereference when post-validating mixed content parsed in recovery mode
https://notcve.org/view.php?id=CVE-2021-3537
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en libxml2 en versiones anteriores a 2.9.11 muestra que no propagó errores al analizar el contenido mixto XML, causando una desreferencia de NULL. Si un documento XML que no es confiable fue analizado en modo de recuperación y pos-comprobado, el fallo podría usarse para bloquear la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1956522 https://lists.debian.org/debian-lts-announce/2021/05/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZOMV5J4PMZAORVT64BKLV6YIZAFDGX6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QVM4UJ3376I6ZVOYMHBNX4GY3NIV52WV https://security.gentoo.org/glsa/202107-05 https://security.netapp.com/advisory/ntap-20210625-0002 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 27EXPL: 1CVE-2020-24977 – libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal() in entities.c
https://notcve.org/view.php?id=CVE-2020-24977
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. El proyecto de GNOME libxml2 v2.9.10 tiene una vulnerabilidad de sobre lectura del buffer global en xmlEncodeEntitiesInternal en libxml2/entities.c. El problema ha sido corregido en el commit 50f06b3e • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2 https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/ • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 41EXPL: 0CVE-2020-7595 – libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations
https://notcve.org/view.php?id=CVE-2020-7595
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. La función xmlStringLenDecodeEntities en el archivo parser.c en libxml2 versión 2.9.10, presenta un bucle infinito en una determinada situación de fin del archivo. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076 https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI https://lists& • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 36EXPL: 0CVE-2019-20388 – libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c
https://notcve.org/view.php?id=CVE-2019-20388
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. La función xmlSchemaPreRun en el archivo xmlschemas.c en libxml2 versión 2.9.10, permite una pérdida de memoria de la función xmlSchemaValidateStream. A memory leak was found in the xmlSchemaValidateStream function of libxml2. Applications that use this library may be vulnerable to memory not being freed leading to a denial of service. System availability is the highest threat from this vulnerability. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html https://gitlab.gnome.org/GNOME/libxml2/merge_requests/68 https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org& • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.9EPSS: 1%CPEs: 180EXPL: 0CVE-2019-1559 – 0-byte record padding oracle
https://notcve.org/view.php?id=CVE-2019-1559
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). • http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html http://www.securityfocus.com/bid/107174 https://access. • CWE-203: Observable Discrepancy CWE-325: Missing Cryptographic Step •