parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
References
Configurations
History
21 Nov 2024, 03:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://xmlsoft.org/news.html - Release Notes, Vendor Advisory | |
References | () https://blog.clamav.net/2018/07/clamav-01001-has-been-released.html - | |
References | () https://bugzilla.gnome.org/show_bug.cgi?id=759579 - Permissions Required | |
References | () https://github.com/GNOME/libxml2/commit/899a5d9f0ed13b8e32449a08a361e0de127dd961 - Patch, Third Party Advisory | |
References | () https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E - | |
References | () https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E - | |
References | () https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html - | |
References | () https://lists.debian.org/debian-lts-announce/2022/04/msg00004.html - | |
References | () https://usn.ubuntu.com/3739-1/ - |
07 Nov 2023, 02:40
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-11-23 21:29
Updated : 2024-11-21 03:17
NVD link : CVE-2017-16932
Mitre link : CVE-2017-16932
CVE.ORG link : CVE-2017-16932
JSON object : View
Products Affected
xmlsoft
- libxml2
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')