What is the vulnerability ID for libxml2 vulnerabilities?

The vulnerability ID for libxml2 vulnerabilities is CVE-2019-19956 and CVE-2020-7595.

What is the severity level of CVE-2019-19956 and CVE-2020-7595?

The severity level of CVE-2019-19956 and CVE-2020-7595 is not specified.

How can an attacker exploit CVE-2019-19956 and CVE-2020-7595?

An attacker can exploit CVE-2019-19956 and CVE-2020-7595 to cause a denial of service.

Which versions of libxml2 are affected by these vulnerabilities?

The affected versions of libxml2 are 2.9.4+dfsg1-7ubuntu3.1, 2.9.4+dfsg1-6.1ubuntu1.3, 2.9.3+dfsg1-1ubuntu0.7, 2.9.1+dfsg1-3ubuntu4.13+esm1, and 2.7.8.dfsg-5.1ubuntu4.22.

How do I fix the libxml2 vulnerabilities?

To fix the libxml2 vulnerabilities, update to version 2.9.4+dfsg1-7ubuntu3.1 for Ubuntu 19.10, version 2.9.4+dfsg1-6.1ubuntu1.3 for Ubuntu 18.04, version 2.9.3+dfsg1-1ubuntu0.7 for Ubuntu 16.04, version 2.9.1+dfsg1-3ubuntu4.13+esm1 for Ubuntu 14.04, and version 2.7.8.dfsg-5.1ubuntu4.22 for Ubuntu 12.04.

Vulnerability/
USN-4274-1

10/2/2020

USN-4274-1: libxml2 vulnerabilities

First published: Mon Feb 10 2020(Updated: )

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19956, CVE-2020-7595)

Affected Software	Affected Version	How to fix
All of
ubuntu/libxml2	<2.9.4+dfsg1-7ubuntu3.1	2.9.4+dfsg1-7ubuntu3.1
	=19.10
All of
ubuntu/libxml2-utils	<2.9.4+dfsg1-7ubuntu3.1	2.9.4+dfsg1-7ubuntu3.1
	=19.10
All of
ubuntu/libxml2	<2.9.4+dfsg1-6.1ubuntu1.3	2.9.4+dfsg1-6.1ubuntu1.3
	=18.04
All of
ubuntu/libxml2-utils	<2.9.4+dfsg1-6.1ubuntu1.3	2.9.4+dfsg1-6.1ubuntu1.3
	=18.04
All of
ubuntu/libxml2	<2.9.3+dfsg1-1ubuntu0.7	2.9.3+dfsg1-1ubuntu0.7
	=16.04
All of
ubuntu/libxml2-utils	<2.9.3+dfsg1-1ubuntu0.7	2.9.3+dfsg1-1ubuntu0.7
	=16.04
All of
ubuntu/libxml2	<2.9.1+dfsg1-3ubuntu4.13+esm1	2.9.1+dfsg1-3ubuntu4.13+esm1
	=14.04
All of
ubuntu/libxml2-utils	<2.9.1+dfsg1-3ubuntu4.13+esm1	2.9.1+dfsg1-3ubuntu4.13+esm1
	=14.04
All of
ubuntu/libxml2	<2.7.8.dfsg-5.1ubuntu4.22	2.7.8.dfsg-5.1ubuntu4.22
	=12.04
All of
ubuntu/libxml2-utils	<2.7.8.dfsg-5.1ubuntu4.22	2.7.8.dfsg-5.1ubuntu4.22
	=12.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the vulnerability ID for libxml2 vulnerabilities?
The vulnerability ID for libxml2 vulnerabilities is CVE-2019-19956 and CVE-2020-7595.
What is the severity level of CVE-2019-19956 and CVE-2020-7595?
The severity level of CVE-2019-19956 and CVE-2020-7595 is not specified.
How can an attacker exploit CVE-2019-19956 and CVE-2020-7595?
An attacker can exploit CVE-2019-19956 and CVE-2020-7595 to cause a denial of service.
Which versions of libxml2 are affected by these vulnerabilities?
The affected versions of libxml2 are 2.9.4+dfsg1-7ubuntu3.1, 2.9.4+dfsg1-6.1ubuntu1.3, 2.9.3+dfsg1-1ubuntu0.7, 2.9.1+dfsg1-3ubuntu4.13+esm1, and 2.7.8.dfsg-5.1ubuntu4.22.
How do I fix the libxml2 vulnerabilities?
To fix the libxml2 vulnerabilities, update to version 2.9.4+dfsg1-7ubuntu3.1 for Ubuntu 19.10, version 2.9.4+dfsg1-6.1ubuntu1.3 for Ubuntu 18.04, version 2.9.3+dfsg1-1ubuntu0.7 for Ubuntu 16.04, version 2.9.1+dfsg1-3ubuntu4.13+esm1 for Ubuntu 14.04, and version 2.7.8.dfsg-5.1ubuntu4.22 for Ubuntu 12.04.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/usn
source/Ubuntu
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/19.10
version/ubuntu ubuntu/18.04
version/ubuntu ubuntu/16.04
version/ubuntu ubuntu/14.04
version/ubuntu ubuntu/12.04