fkie_cve-2014-3660
Vulnerability from fkie_nvd
Published: 2014-11-04 16:55
Modified: 2024-11-21 02:08
Summary
parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "matchCriteriaId": "18BCA403-8F0F-4564-BE7E-1DE10408B54B", "versionEndIncluding": "2.9.1", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "586C0FAB-E288-4EFB-8946-4535971F23F9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "15236DDC-0095-4253-9113-61F76EFC0769", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "98F95AB1-D3D0-4E39-B135-4B55991845CE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "392E4AA7-00D2-45B1-9FA7-C1C7C37431F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*", "matchCriteriaId": "C7839A86-59AA-400C-BF29-18E612B8EB4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0F9A211A-5C44-4BDC-9676-3B7B937835B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "BECA085A-BEF1-4AD2-ABBA-069CE2642796", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "E66BF7BC-5B5C-40BB-B826-3CC9DBAB53D0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "F330D609-31EB-4B4C-B007-ACEABA557F54", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "D9E2F05B-B298-489C-9E44-62E0A199E148", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "070B2F1F-9A99-4A20-9BA9-CF175D482DA6", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "25DC5AE4-9DEA-4828-96F0-57BACB6C9B25", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "BDE26E6D-53FF-4001-8F25-C112635CB74E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "D1210A8D-5359-4FD4-963F-506200AA20AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "AA748E50-798F-40EA-B252-0A166DEEB120", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*", "matchCriteriaId": "C5B9E7CC-D552-4C9A-909E-42D375452E09", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "06C20B5C-16E7-4C1B-A2DB-8EB4B9A7045D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "D7A901B3-B0F4-4D2B-8CAF-25938219B657", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "12FCBA01-D739-4BA2-83F5-D41A6DF91F1F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "EFC8C43D-84C7-4C0C-8DD1-66206D665C35", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "5E60C1B4-BBC1-4E2B-8323-A7E059EF6BEE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8B677850-4FE9-4522-ADAE-42C5D17D4A7D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "9BB7931B-55AA-4735-8AAB-9F3A9E9C0123", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "F4A5B9AF-7F82-4EEC-A776-587C6DD44448", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "94D33392-DD5C-4704-BECF-69D416F9F2C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "B1BA896F-07D7-4B93-939B-B6CDD1DCA87C", "vulnerable": 
true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "647CA5AD-5AC2-448E-8445-62837F413361", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "37D4241B-A328-45F0-9FAB-CEE20DC7432E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "CAAD77C4-84EC-4924-90F8-35A2375AA6A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "6A124C5A-C72C-4623-925E-378FF40671EF", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "8ACD2FD4-E884-4FC5-842B-86AAE06D9E05", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "14A9036D-1474-4097-9E70-09F7BBA2826C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "E8884CF6-2F5B-465F-841B-3C69EC3BE3BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "A699B966-3756-4D5B-8693-0678EEDD8AD0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "A1E50FED-4BAD-4D04-98C3-C2427E086C1B", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "70880522-BBC0-4D5C-8DA3-245E189FA1C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "1A8BA1A0-F8E7-4B93-B667-D012C91F831E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "27662848-9CD5-43BC-9A1B-8C6EBACCCC21", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "C967E50C-E7AA-49D0-A055-20CA083CA232", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*", "matchCriteriaId": 
"DA398ACA-73C2-4093-AD35-E30161C96C25", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "757B5A74-6B7B-4F01-9891-9F9E510074C9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "5C10CC4C-3A9C-4AD0-A7C1-ACF781BF20D5", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "2E67FD94-4E96-4FCC-990B-4C0A5C599ED0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "8E7DDE27-9DE8-4E45-AFA2-AFFEA8F0D917", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "92CEEDA7-5DFC-4DB0-989E-F356E5CF65A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "25D60B58-3558-4244-A5B3-8D16F53A9588", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "E5DB409B-795F-4F8A-85E1-0B4E66AE9D48", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "457C47ED-A429-42AE-9FF9-978D605BACFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*", "matchCriteriaId": "3C20B9D5-9E10-4B6D-8095-B2A63EDB8D16", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "matchCriteriaId": "9087E4FE-661F-4803-BB3B-09D2699265E5", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*", "matchCriteriaId": "7C2D01CF-9FCE-41F8-997E-EA9BDCCD8C76", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*", "matchCriteriaId": "84E1C7A6-DCA7-4760-B1B6-EFB256978CFC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*", "matchCriteriaId": "9F1E7CFF-E4B3-4B31-BE23-C187544E9488", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "matchCriteriaId": "81EDD077-5183-4588-8DB1-93A0597AAA34", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*", "matchCriteriaId": "530FE28C-0D51-4BF9-AE43-D65F9913B48B", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*", "matchCriteriaId": "F030053E-2292-42E2-8435-0CFBDDE688DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*", "matchCriteriaId": "A0258377-DD8B-4FA6-B075-E8489C83CEAE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*", "matchCriteriaId": "69E0BD23-38C6-43C0-870F-00B13F7C91D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*", "matchCriteriaId": "F3D3350E-5186-4DC8-9D1B-59068A469496", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*", "matchCriteriaId": "F76783D0-63F8-48A7-85FE-E5E8DBFA223D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*", "matchCriteriaId": "52AE89B2-C1A3-48C8-AEB5-4B0D757AE361", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8ACA170D-21DB-47CD-AD73-2DEB2A2439F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "FFC48A66-7D1F-4446-BC50-6C1A1DF819E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "A0A86D90-C64E-4850-8D6E-94D3C0789241", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "06A50725-AC7A-4FDB-887A-3DCB369C943D", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "D463EC3C-88F1-46D9-ADB6-6283DC23B0B6", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "matchCriteriaId": "43F8E361-E6D3-4666-B18D-928D550FD5D2", 
"vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "B6948CD9-8489-46BA-9159-24C842490702", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "35C43087-760E-482A-B34E-141A29AC57A4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "669211F7-90EA-47AB-A787-34DD79DF8E25", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "025B16D8-1023-4D47-BADD-C1E838B47D88", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "320E691F-D417-4D81-A223-C46FEFFD908A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "F3B06B40-327D-4EFA-AD19-DA1CA7D50B4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "EB8BEC58-AB2A-4953-A2E8-338EB894A494", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "ABDE6C9A-4F24-42B4-8AA3-3EBC97190322", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "44FB2813-BE9F-46A8-864B-435D883CA0FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "F9DF1336-F831-4507-B45E-574BDE8AA8BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "33268B2F-3591-48D9-B123-92E3ABF157F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*", "matchCriteriaId": "0830367A-9FB3-4291-88C0-38A471DFD22B", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*", "matchCriteriaId": "73E4EB1B-2E8B-4504-AB05-F4D4E6B038E9", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*", "matchCriteriaId": 
"B5815E25-5305-4A32-81B3-89DB1D5C1AC0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*", "matchCriteriaId": "0AD69C98-11AB-4BB5-A91A-F029BA0E1DB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*", "matchCriteriaId": "98CF3A74-B9F8-4689-B81C-F579D827DA5C", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*", "matchCriteriaId": "6DBD9C7D-CD0B-4B5B-BEC2-F67610DEDE2B", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*", "matchCriteriaId": "798F7A01-F006-4589-82F8-943F81015693", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*", "matchCriteriaId": "6A1C90C5-1B77-4BE5-ACDA-1F15D3F2A000", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*", "matchCriteriaId": "36940C55-BFD4-4C77-A26B-C0F273EAC2EC", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*", "matchCriteriaId": "8ECB753E-430C-4DBD-9063-506E749A21CF", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*", "matchCriteriaId": "3EBD3E93-1624-4B1D-8F9A-5683ADA4983E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*", "matchCriteriaId": "551B91B8-7A5A-4E5D-AAED-76705F8A2829", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*", "matchCriteriaId": "1D8135B1-FB22-4755-A5ED-CDB16E3E85A3", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*", "matchCriteriaId": "2B4685BF-394A-4426-980A-2B1D37737C06", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*", "matchCriteriaId": "77A68008-7392-4BE4-AB30-24D2BA124E3A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*", "matchCriteriaId": "63F37BF5-D4D2-43AB-841A-E9AC32A68452", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*", "matchCriteriaId": "CB8A074B-069A-4520-8E3C-AB614C31B68A", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*", "matchCriteriaId": "D77DE5FD-060A-4AD6-A925-4E9EF186C835", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*", "matchCriteriaId": "7069A49C-038C-4E7B-AF03-4D90D5734414", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "87E895B9-5AF7-4A1F-B740-B3E13DE3254E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "8FD29EFD-1ADB-4349-8E7D-EA6B34B0F6DE", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "EC720A50-9EF5-4B73-86D1-AE87D402611E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "464942E8-EDF3-4ECB-B907-FFCDBC9079C0", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "E1246C0E-DCAC-405E-ADCE-3D16D659C567", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "5703D8EC-259B-49C3-AADE-916227DEB96F", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "184B40E3-28FD-49A4-9560-5E26293D7D08", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "7CCE8BBA-6721-4257-9F2E-23AEB104564E", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "AF2A3107-5F12-407E-9009-7F42B09299E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "8928F415-C124-4B4A-9D59-40AC6845AFD1", "vulnerable": true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "955673D9-2912-48A2-93C9-10430290A4AF", "vulnerable": 
true }, { "criteria": "cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "268661C2-7A45-4743-8A09-48B3EE21212E", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906", "versionEndIncluding": "10.10.4", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*", "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true }, { "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true }, { "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true }, { "criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the \"billion laughs\" attack." 
}, { "lang": "es", "value": "parser.c en libxml2 anterior a 2.9.2 no previene debidamente la expansi\u00f3n de entidades incluso cuando la substituci\u00f3n de entidades haya sido deshabilitada, lo que permite a atacantes dependientes de contexto causar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de un documento XML manipualdo que contiene un n\u00famero grande de referencias de entidades anidadas, una variante del ataque del \u0027bill\u00f3n de risas\u0027." } ], "evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/611.html\" target=\"_blank\"\u003eCWE-611: Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)\u003c/a\u003e", "id": "CVE-2014-3660", "lastModified": "2024-11-21T02:08:35.850", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2014-11-04T16:55:06.043", "references": [ { "source": "secalert@redhat.com", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00034.html" }, { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "source": 
"secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-1655.html" }, { "source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-1885.html" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/59903" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/61965" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/61966" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/61991" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2014/dsa-3057" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.openwall.com/lists/oss-security/2014/10/17/7" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/70644" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2389-1" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/attachment.cgi?id=944444\u0026action=diff" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149084" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://support.apple.com/kb/HT205030" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "https://support.apple.com/kb/HT205031" }, { "source": "secalert@redhat.com", "url": "https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00034.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-1655.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-1885.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/59903" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/61965" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/61966" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/61991" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2014/dsa-3057" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:244" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.openwall.com/lists/oss-security/2014/10/17/7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/70644" 
}, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2389-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/attachment.cgi?id=944444\u0026action=diff" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1149084" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://support.apple.com/kb/HT205030" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://support.apple.com/kb/HT205031" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.