First published: Tue Apr 03 2018(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/libxml2 | <0:2.9.1-6.el7.4 | 0:2.9.1-6.el7.4 |
Xmlsoft Libxml2 | =2.9.8 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Debian Debian Linux | =8.0 | |
redhat/libxml2 | <2.9.7 | 2.9.7 |
debian/libxml2 | 2.9.10+dfsg-6.7+deb11u4 2.9.10+dfsg-6.7+deb11u5 2.9.14+dfsg-1.3~deb12u1 2.12.7+dfsg+really2.9.14-0.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
The vulnerability ID for libxml2 is CVE-2018-14567.
The severity of CVE-2018-14567 is medium.
CVE-2018-14567 allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR.
To fix CVE-2018-14567, you should update the libxml2 package to version 2.9.9 or higher.
You can find more information about CVE-2018-14567 at the following references: [MITRE] [Ubuntu Security Notice] [NVD].