QwikSec

Security Database

CVE

CWE

Training

CVE-2018-14567

Published: Aug 16, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

https://gitlab.gnome.org/GNOME/libxml2/commit/2240fbf5912054af025fb6e01e26375100275e74

x_refsource_CONFIRM

[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.