libxml2
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | XML parsing library, version 2 |
Version | 2.9.8-2 [extra] |
Open
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-672 | 2.9.8-2 | Medium | Vulnerable |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2018-9251 | AVG-672 | Medium | Yes | Denial of service | A security issue has been found in libxml2 <= 2.9.8 compiled with LZMA support enabled, in the xz_decomp function in xzlib.c. This flaw allows a remote... |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-671 | 2.9.5+6+g07e227ed-1 | 2.9.6+3+g5af594d8-1 | Medium | Fixed | |
AVG-56 | 2.9.4+4+g3169602-1 | 2.9.4+12+ge905f08-1 | Critical | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2017-18258 | AVG-671 | Medium | Yes | Denial of service | A security issue has been found in libxml2 <= 2.9.6 compiled with LZMA support enabled, in the xz_head function in xzlib.c. This flaw allows a remote... |
CVE-2016-5131 | AVG-56 | Critical | Yes | Arbitrary code execution | Bugs in xmlXPathEvalExpr and xmlXPtrRangeToFunction can lead to a use- after-free and allow control of the instruction pointer. |
CVE-2016-4658 | AVG-56 | Critical | Yes | Arbitrary code execution | A use-after-free vulnerability via namespace nodes in XPointer ranges was found in libxml2. |
Advisories
Date | Advisory | Group | Severity | Description |
---|---|---|---|---|
01 Nov 2016 | ASA-201611-2 | AVG-56 | Critical | arbitrary code execution |