CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9596 – libxml2: stack exhaustion while parsing xml files in recovery mode (unfixed CVE-2016-3627 in JBCS)
https://notcve.org/view.php?id=CVE-2016-9596
16 Aug 2018 — libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627. libxml2, tal y como se usa en Red Hat JBoss Core Services y en modo de recuperación, permite que los atacantes dependientes de contexto provoquen una denegación de servicio (consumo de pila) mediante un documento XML. NOTA: Esta vulnerabilidad ex... • https://bugzilla.redhat.com/show_bug.cgi?id=1408302 • CWE-400: Uncontrolled Resource Consumption CWE-674: Uncontrolled Recursion •
CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 0CVE-2018-14567 – libxml2: Infinite loop caused by incorrect error detection during LZMA decompression
https://notcve.org/view.php?id=CVE-2018-14567
15 Aug 2018 — libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251. libxml2 2.9.8, si se emplea --with-lzma, permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo XML manipulado que desencadena LZMA_MEMLIMIT_ERROR, tal y como queda demostrado por xmllint. Esta vulnerabili... • http://www.securityfocus.com/bid/105198 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2016-9597 – libxml2: stack overflow before detecting invalid XML file (unfixed CVE-2016-3705 in JBCS)
https://notcve.org/view.php?id=CVE-2016-9597
30 Jul 2018 — It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705. Se ha descubierto que el erratum de Red Hat JBoss Core Services RHSA-2016:2957 para CVE-2016-3705 no incluía la solución al problema en libxml2, lo que lo hace vulnerable a un ataque de denegación de servicio (DoS) debido ... • http://www.securityfocus.com/bid/98567 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 2%CPEs: 6EXPL: 0CVE-2018-14404 – libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c
https://notcve.org/view.php?id=CVE-2018-14404
19 Jul 2018 — A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application. Existe una vulnerabilidad de desreferencia de puntero NULL en la función xpath.c:xmlXPathCompOpEval() de libxml2 hasta la versión 2.9.8 al an... • https://access.redhat.com/errata/RHSA-2019:1543 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 2%CPEs: 1EXPL: 0CVE-2017-18258 – libxml2: Unrestricted memory usage in xz_head() function in xzlib.c
https://notcve.org/view.php?id=CVE-2017-18258
08 Apr 2018 — The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file. La función xz_head en xzlib.c en libxml2, en versiones anteriores a la 2.9.6, permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo LZMA. Esto se dene a que la funcionalidad de descifrado no rest... • https://git.gnome.org/browse/libxml2/commit/?id=e2a9122b8dde53d320750451e9907a7dcb2ca8bb • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1CVE-2018-9251 – libxml2: infinite loop in xz_decomp function in xzlib.c
https://notcve.org/view.php?id=CVE-2018-9251
04 Apr 2018 — The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035. La función xz_decomp en xzlib.c en libxml2 2.9.8, si se emplea --with-lzma, permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo XML manipulado que desencadena LZMA_MEMLIMIT_ERROR, tal... • https://bugzilla.gnome.org/show_bug.cgi?id=794914 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 2%CPEs: 8EXPL: 0CVE-2017-15412 – libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c
https://notcve.org/view.php?id=CVE-2017-15412
07 Dec 2017 — Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Uso de memoria previamente liberada en libxml2 en versiones anteriores a la 2.9.5, tal y como se emplea en Google Chrome en versiones anteriores a la 63.0.3239.84 y otros productos, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada. A use... • http://www.securitytracker.com/id/1040348 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16931
https://notcve.org/view.php?id=CVE-2017-16931
23 Nov 2017 — parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. parser.c en libxml2 en versiones anteriores a la 2.9.5 gestiona de manera incorrecta las referencias de entidades de parámetro debido a que la macro NEXTL llama a la función xmlParserHandlePEReference en caso de que haya un carácter "%" en un nombre DTD. • http://xmlsoft.org/news.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-16932 – Ubuntu Security Notice USN-3504-1
https://notcve.org/view.php?id=CVE-2017-16932
23 Nov 2017 — parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. parser.c en libxml2 en versiones anteriores a la 2.9.5 no evita la recursión infinita en las entidades de parámetro. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. • http://xmlsoft.org/news.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2017-5130 – chromium-browser: heap overflow in libxml2
https://notcve.org/view.php?id=CVE-2017-5130
20 Oct 2017 — An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file. Un desbordamiento de enteros en xmlmemory.c en versiones anteriores a la 2.9.5 de libxml2, tal y como se emplea en Google Chrome, en versiones anteriores a la 62.0.3202.62 y en otros productos, permite que un atacante remoto explote la corrupción de la memoria dinámica (heap) mediante un archivo... • http://bugzilla.gnome.org/show_bug.cgi?id=783026 • CWE-787: Out-of-bounds Write •