CVE-2018-9251 - log back

CVE-2018-9251 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ A security issue has been found in libxml2 <= 2.9.8 compiled with LZMA support enabled, in the xz_decomp function in xzlib.c. This flaw allows a remote attacker to cause a denial of service via an infinite loop, using a crafted XML payload that triggers LZMA_MEMLIMIT_ERROR.
References
+ https://bugzilla.gnome.org/show_bug.cgi?id=794914
+ https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74
Notes