CVE-2015-1819
published 2015-08-14CVE-2015-1819: The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion…
medium5CVSS 3.1
AVNACLAuNCNINAP
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | <= 9.2.1 | — |
| apple | mac_os_x | <= 10.11.3 | — |
| apple | os_x_el_capitan_v10.11.4_and_security_update_2016-002 | — | — |
| apple | tvos | <= 9.1 | — |
| apple | tvos | — | — |
| apple | watchos | <= 2.1 | — |
| apple | watchos | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | libxml2 | < libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bookworm) | libxml2 2.9.2+really2.9.1+dfsg1-0.1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| nokogiri | nokogiri | >= 1.6.6.0 < 1.6.6.4 | 1.6.6.4 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| oracle | linux | — | — |
| oracle | solaris | — | — |
| redhat | enterprise_linux | <= 5.0 | — |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.2+really2.9.1+dfsg1-0.1 | 2.9.2+really2.9.1+dfsg1-0.1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM