CVE-2017-8872

Updated: 2023-11-04 20:20:30.164635

Description:

The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6.4
CVSS Version 3.x CRITICAL 9.1

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS libxml2 2.7.6 9.1 CRITICAL Released CLSA-2022:1641903536 2022-05-05 12:04:01
CentOS 7 ELS libxml2 2.9.1 9.1 CRITICAL Released CLSA-2024:1708417192 2024-03-05 08:47:39
CloudLinux 6 ELS libxml2 2.7.6 9.1 CRITICAL Released CLSA-2021:1640697686 2022-03-10 09:00:14
Oracle Linux 6 ELS libxml2 2.7.6 9.1 CRITICAL Released CLSA-2021:1640700669 2022-03-10 09:00:13
Ubuntu 16.04 ELS libxml2 2.9.3 9.1 CRITICAL Released CLSA-2021:1640700710 2021-12-28 11:06:31