CVE-2019-19956 - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to

CVE-2019-19956

Summary

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

References

Vulnerable Configurations

cpe:2.3:a:xmlsoft:libxml2:-:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:-:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.7.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:1.8.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.0:beta:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.2.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.12:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.3.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.12:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.15:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.17:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.18:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.20:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.21:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.22:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.24:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.25:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.26:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.27:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.28:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.29:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.4.30:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.10:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.11:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.12:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.13:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.14:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.15:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.15:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.17:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.18:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.19:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.19:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.20:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.21:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.22:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.23:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.24:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.25:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.28:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.29:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.30:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.31:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.7.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.8.0:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.0:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.2:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.3:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.4:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.5:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.6:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.6:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.6:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.6:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.6:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.7:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.7:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.7:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.7:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.7:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.8:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.8:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.8:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.8:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.8:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:*:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:-:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:rc1:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:rc2:*:*:*:*:*:*
cpe:2.3:a:xmlsoft:libxml2:2.9.9:rc2:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:real_user_experience_insight:13.3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:real_user_experience_insight:13.3.1.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.0:sp3_hf1:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.0:sp3_hf1:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.1:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.2:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.2:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.3:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:1.3:*:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:-:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:hf1:*:*:*:*:*:*
cpe:2.3:a:siemens:sinema_remote_connect_server:2.0:hf1:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 21-07-2021 - 11:39)
Impact:
Exploitability:

CWE

CWE-772

CAPEC

HTTP DoS
An attacker performs flooding at the HTTP level to bring down only a particular web application rather than anything listening on a TCP/IP connection. This denial of service attack requires substantially fewer packets to be sent which makes DoS harder to detect. This is an equivalent of SYN flood in HTTP. The idea is to keep the HTTP session alive indefinitely and then repeat that hundreds of times. This attack targets resource depletion weaknesses in web server software. The web server will wait to attacker's responses on the initiated HTTP sessions while the connection threads are being exhausted.

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

redhat via4

rpms

jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6
jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7
jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el6
jbcs-httpd24-curl-debuginfo-0:7.64.1-36.jbcs.el7
jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6
jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7
jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el6
jbcs-httpd24-httpd-debuginfo-0:2.4.37-57.jbcs.el7
jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el6
jbcs-httpd24-httpd-devel-0:2.4.37-57.jbcs.el7
jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el6
jbcs-httpd24-httpd-manual-0:2.4.37-57.jbcs.el7
jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el6
jbcs-httpd24-httpd-selinux-0:2.4.37-57.jbcs.el7
jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el6
jbcs-httpd24-httpd-tools-0:2.4.37-57.jbcs.el7
jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el6
jbcs-httpd24-libcurl-0:7.64.1-36.jbcs.el7
jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el6
jbcs-httpd24-libcurl-devel-0:7.64.1-36.jbcs.el7
jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el6
jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-4.Final_redhat_2.jbcs.el7
jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6
jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7
jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el6
jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-3.jbcs.el7
jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk-ap24-0:1.2.48-4.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-4.redhat_1.jbcs.el7
jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el6
jbcs-httpd24-mod_jk-manual-0:1.2.48-4.redhat_1.jbcs.el7
jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el6
jbcs-httpd24-mod_ldap-0:2.4.37-57.jbcs.el7
jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6
jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7
jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el6
jbcs-httpd24-mod_md-debuginfo-1:2.0.8-24.jbcs.el7
jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el6
jbcs-httpd24-mod_proxy_html-1:2.4.37-57.jbcs.el7
jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6
jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7
jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el6
jbcs-httpd24-mod_security-debuginfo-0:2.9.2-51.GA.jbcs.el7
jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el6
jbcs-httpd24-mod_session-0:2.4.37-57.jbcs.el7
jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el6
jbcs-httpd24-mod_ssl-1:2.4.37-57.jbcs.el7
jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6
jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7
jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el6
jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-25.jbcs.el7
jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el6
jbcs-httpd24-nghttp2-devel-0:1.39.2-25.jbcs.el7
jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7
jbcs-httpd24-openssl-pkcs11-debuginfo-0:0.4.10-7.jbcs.el7
libxml2-0:2.9.1-6.el7.5
libxml2-debuginfo-0:2.9.1-6.el7.5
libxml2-devel-0:2.9.1-6.el7.5
libxml2-python-0:2.9.1-6.el7.5
libxml2-static-0:2.9.1-6.el7.5
libxml2-0:2.9.7-8.el8
libxml2-debuginfo-0:2.9.7-8.el8
libxml2-debugsource-0:2.9.7-8.el8
libxml2-devel-0:2.9.7-8.el8
python3-libxml2-0:2.9.7-8.el8
python3-libxml2-debuginfo-0:2.9.7-8.el8

refmap via4

confirm	https://security.netapp.com/advisory/ntap-20200114-0002/
fedora	FEDORA-2020-0c71c00af4 FEDORA-2020-7694e8be73
misc	https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549 https://www.oracle.com/security-alerts/cpujul2020.html
mlist	[debian-lts-announce] 20191228 [SECURITY] [DLA 2048-1] libxml2 security update [debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update
suse	openSUSE-SU-2020:0681 openSUSE-SU-2020:0781
ubuntu	USN-4274-1

Last major update

21-07-2021 - 11:39

Published

24-12-2019 - 16:15

Last modified

21-07-2021 - 11:39