GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
History
21 Nov 2024, 05:16
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00036.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00061.html - Mailing List, Third Party Advisory | |
References | () https://gitlab.gnome.org/GNOME/libxml2/-/commit/50f06b3efb638efb0abd95dc62dca05ae67882c2 - Patch, Vendor Advisory | |
References | () https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
References | () https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E - | |
References | () https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NQ5GTDYOVH26PBCPYXXMGW5ZZXWMGZC/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3IQ7OQXBKWD3YP7HO6KCNOMLE5ZO2IR/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7MEWYKIKMV2SKMGH4IDWVU3ZGJXBCPQ/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/ - | |
References | () https://security.gentoo.org/glsa/202107-05 - Third Party Advisory | |
References | () https://security.netapp.com/advisory/ntap-20200924-0001/ - Third Party Advisory | |
References | () https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory | |
References | () https://www.oracle.com/security-alerts/cpujul2022.html - | |
References | () https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory |
25 Jul 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
12 May 2022, 14:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:* | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory |
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
01 Apr 2022, 15:34
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Mailing List, Third Party Advisory | |
References | (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/202107-05 - Third Party Advisory | |
CPE | cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:*:*:*:*:*:*:* |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References | | |
Information
Published : 2020-09-04 00:15
Updated : 2024-11-21 05:16
NVD link : CVE-2020-24977
Mitre link : CVE-2020-24977
CVE.ORG link : CVE-2020-24977
Products Affected
netapp
- snapdrive
- active_iq_unified_manager
- manageability_software_development_kit
- clustered_data_ontap_antivirus_connector
- inventory_collect_tool
- hci_h410c
- clustered_data_ontap
- hci_h410c_firmware
xmlsoft
- libxml2
oracle
- mysql_workbench
- http_server
- peoplesoft_enterprise_peopletools
- enterprise_manager_base_platform
- communications_cloud_native_core_network_function_cloud_native_environment
- real_user_experience_insight
- enterprise_manager_ops_center
fedoraproject
- fedora
opensuse
- leap
debian
- debian_linux
CWE
CWE-125
Out-of-bounds Read