Updated: 2023-11-07 19:37:22.842105
Description:
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | libxml2 | 2.9.13 | 7.8 | HIGH | Already Fixed | 2023-11-08 08:35:55 | |
| CentOS 6 ELS | libxml2 | 2.7.6 | 7.8 | HIGH | Released | CLSA-2022:1670521677 | 2022-12-29 19:54:05 |
| CentOS 7 ELS | libxml2 | 2.9.1 | 7.8 | HIGH | Released | CLSA-2023:1696537106 | 2023-10-05 17:08:29 |
| CentOS 8.4 ELS | libxml2 | 2.9.7-9 | 7.8 | HIGH | Released | CLSA-2022:1670523403 | 2022-12-08 16:03:07 |
| CentOS 8.5 ELS | libxml2 | 2.9.7-9 | 7.8 | HIGH | Released | CLSA-2022:1670523520 | 2022-12-08 16:03:08 |
| CloudLinux 6 ELS | libxml2 | 2.7.6 | 7.8 | HIGH | Released | CLSA-2022:1670522760 | 2022-12-29 19:54:05 |
| Oracle Linux 6 ELS | libxml2 | 2.7.6 | 7.8 | HIGH | Released | CLSA-2022:1670522857 | 2022-12-08 16:03:07 |
| Ubuntu 16.04 ELS | libxml2 | 2.9.3 | 7.8 | HIGH | Released | CLSA-2022:1670518262 | 2022-12-08 13:03:12 |
| Ubuntu 18.04 ELS | libxml2 | 2.9.4 | 7.8 | HIGH | Already Fixed | 2023-06-02 09:09:52 |