ALPINE-CVE-2020-24977
- Source
- https://security.alpinelinux.org/vuln/CVE-2020-24977
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/alpine/ALPINE-CVE-2020-24977.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/ALPINE-CVE-2020-24977
- Upstream
- Published
- 2020-09-04T00:15:10.693Z
- Modified
- 2025-12-03T22:44:01.127940Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
- References
Affected packages
Alpine:v3.10
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.9-r4
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
Alpine:v3.11
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r4
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
Alpine:v3.12
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.13
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.14
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.15
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.16
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.17
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.18
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.19
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.20
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.21
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.22
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.23
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.10-r5
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2
2.9.9-r3
2.9.10-r0
2.9.10-r1
2.9.10-r2
2.9.10-r3
2.9.10-r4
Alpine:v3.9
libxml2
Package
- Name
- libxml2
- Purl
- pkg:apk/alpine/libxml2?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.9-r3
Affected versions
2.*
2.7.2-r0
2.7.3-r0
2.7.6-r0
2.7.6-r1
2.7.6-r2
2.7.6-r3
2.7.7-r0
2.7.7-r1
2.7.7-r2
2.7.7-r3
2.7.7-r4
2.7.8-r0
2.7.8-r1
2.7.8-r2
2.7.8-r4
2.7.8-r5
2.7.8-r6
2.7.8-r7
2.7.8-r8
2.8.0-r0
2.8.0-r1
2.9.0-r0
2.9.0-r1
2.9.0-r2
2.9.0-r3
2.9.1-r0
2.9.1-r1
2.9.1-r2
2.9.2-r0
2.9.2-r1
2.9.2-r2
2.9.3-r0
2.9.4-r0
2.9.4-r1
2.9.4-r2
2.9.4-r3
2.9.4-r4
2.9.5-r0
2.9.6-r0
2.9.6-r2
2.9.7-r0
2.9.7-r1
2.9.8-r0
2.9.8-r1
2.9.8-r2
2.9.9-r0
2.9.9-r1
2.9.9-r2