[Forgot Password]
Login  Register Subscribe

24544

 
 

132176

 
 

121239

 
 

909

 
 

98883

 
 

148

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-1072 --- libxml2

ID: oval:org.secpod.oval:def:1600922Date: (C)2018-09-07   (M)2018-10-04
Class: PATCHFamily: unix




A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.

Platform:
Amazon Linux AMI
Product:
libxml2
Reference:
ALAS-2018-1072
CVE-2018-14404
CVE    1
CVE-2018-14404
CPE    5
cpe:/a:libxml2:libxml2
cpe:/o:debian:debian_linux:-
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
...

© SecPod Technologies