Inappropriate coding practices In libxml2
Description
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 alpine v3.13 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
 nuget | =2.9.8 | - | |
alpine v3.17 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
 debian 11 | >=0 <2.9.10+dfsg-2 | 2.9.10+dfsg-2 | |
alpine v3.5 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.5-r0 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
alpine v3.12 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
alpine v3.15 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
alpine v3.18 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
alpine v3.9 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 | |
alpine v3.10 | =2.7.2-r0 || =2.7.3-r0 || =2.7.6-r0 || =2.7.6-r1 || =2.7.6-r2 || =2.7.6-r3 || =2.7.7-r0 || =2.7.7-r1 || =2.7.7-r2 || =2.7.7-r3 || =2.7.7-r4 || =2.7.8-r0 || =2.7.8-r1 || =2.7.8-r2 || =2.7.8-r4 || =2.7.8-r5 || =2.7.8-r6 || =2.7.8-r7 || =2.7.8-r8 || =2.8.0-r0 || =2.8.0-r1 || =2.9.0-r0 || =2.9.0-r1 || =2.9.0-r2 || =2.9.0-r3 || =2.9.1-r0 || =2.9.1-r1 || =2.9.1-r2 || =2.9.2-r0 || =2.9.2-r1 || =2.9.2-r2 || =2.9.3-r0 || =2.9.4-r0 || =2.9.4-r1 || =2.9.4-r2 || =2.9.4-r3 || =2.9.4-r4 || =2.9.5-r0 || =2.9.6-r0 || =2.9.6-r2 || =2.9.7-r0 || =2.9.7-r1 || =2.9.8-r0 || >=0 <2.9.8-r1 | 2.9.8-r1 |
1-10 of 25
10
Does your application use this vulnerable software?
During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.