[Forgot Password]
Login  Register Subscribe

24437

 
 

131950

 
 

117544

 
 

909

 
 

91519

 
 

143

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-1072 --- libxml2

ID: oval:org.secpod.oval:def:1600922Date: (C)2018-09-07   (M)2018-10-04
Class: PATCHFamily: unix




A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.

Platform:
Amazon Linux AMI
Product:
libxml2
Reference:
ALAS-2018-1072
CVE-2018-14404
CVE    1
CVE-2018-14404
CPE    5
cpe:/a:libxml2:libxml2
cpe:/o:debian:debian_linux:-
cpe:/o:amazon:linux
cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
...

© SecPod Technologies