CVE-2019-20388

CWE-401 — Memory Leak CWE-40415 documents10 sources

Severity

7.5HIGH

EPSS

0.6%

top 30.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Mysql Workbench Debian Debian Linux Fedoraproject Fedora +7 more

Timeline

PublishedJan 21

Latest updateMay 24

Description

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages10 packages

▶Debianlibxml2< 2.9.10+dfsg-2.1+3

▶NVDxmlsoft/libxml22.9.10

▶RubyGemsnokogiri< 1.11.4

▶NVDoracle/mysql_workbench8.0.26

▶NVDopensuse/leap15.1

Also affects: Debian Linux 9.0, Fedora 30, 31, 32

Patches

Patch: gitlab.gnome.org ↗Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-7g45-9xmp-g2w6: xmlSchemaPreRun in xmlschemas↗2022-05-24

▶

OSV

libxml2 vulnerabilities↗2021-06-17

▶

OSV

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12↗2021-05-17

▶

GHSA

Nokogiri updates packaged dependency on libxml2 from 2.9.10 to 2.9.12↗2021-05-17

▶

OSV

CVE-2019-20388: xmlSchemaPreRun in xmlschemas↗2020-01-21

▶

📋Vendor Advisories

Ubuntu

libxml2 vulnerabilities↗2021-06-17

▶

Red Hat

libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c↗2020-01-21

▶

Microsoft

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.↗2020-01-14

▶

Debian

CVE-2019-20388: libxml2 - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStr...↗2019

▶

💬Community

Bugzilla

CVE-2019-20388 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c↗2020-02-06

▶

Bugzilla

CVE-2019-20388 mingw-libxml2: libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c [fedora-all]↗2020-02-06

▶

Bugzilla

CVE-2019-20388 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c [fedora-all]↗2020-02-06

▶

Bugzilla

CVE-2019-20388 mingw-libxml2: libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c [epel-7]↗2020-02-06

▶