[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87854

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-1072 --- libxml2

ID: oval:org.secpod.oval:def:1600922Date: (C)2018-09-07   (M)2018-09-07
Class: PATCHFamily: unix




A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.

Platform:
Amazon Linux AMI
Product:
libxml2
Reference:
ALAS-2018-1072
CVE-2018-14404
CVE    1
CVE-2018-14404
CPE    2
cpe:/o:amazon:linux
cpe:/a:libxml2:libxml2

© SecPod Technologies