GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
|
History
25 Jul 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 May 2022, 14:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:* |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory |
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Apr 2022, 15:34
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Mailing List, Third Party Advisory | |
References | (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202107-05 - Third Party Advisory | |
CPE | cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:*:*:*:*:*:*:* |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-09-04 00:15
Updated : 2024-02-04 21:00
NVD link : CVE-2020-24977
Mitre link : CVE-2020-24977
CVE.ORG link : CVE-2020-24977
JSON object : View
Products Affected
netapp
- hci_h410c
- clustered_data_ontap
- manageability_software_development_kit
- inventory_collect_tool
- clustered_data_ontap_antivirus_connector
- snapdrive
- active_iq_unified_manager
- hci_h410c_firmware
oracle
- communications_cloud_native_core_network_function_cloud_native_environment
- mysql_workbench
- enterprise_manager_ops_center
- enterprise_manager_base_platform
- real_user_experience_insight
- http_server
- peoplesoft_enterprise_peopletools
debian
- debian_linux
fedoraproject
- fedora
opensuse
- leap
xmlsoft
- libxml2
CWE
CWE-125
Out-of-bounds Read