CVE-2017-10672

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-10672

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10672.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-10672

Related

Published

2017-06-29T08:29:00Z

Modified

2025-01-08T04:23:50.325202Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.

References

Affected packages

Debian:11 / libxml-libxml-perl

Package

Name: libxml-libxml-perl
Purl: pkg:deb/debian/libxml-libxml-perl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0128+dfsg-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libxml-libxml-perl

Package

Name: libxml-libxml-perl
Purl: pkg:deb/debian/libxml-libxml-perl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0128+dfsg-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libxml-libxml-perl

Package

Name: libxml-libxml-perl
Purl: pkg:deb/debian/libxml-libxml-perl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0128+dfsg-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/shlomif/perl-xml-libxml

Affected ranges

Type: GIT
Repo: https://github.com/shlomif/perl-xml-libxml
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

13e2df84b8d43a97e2111ac20f1e7cb7923628c9

Affected versions

Other

CPAN_1_40

CPAN_1_49

CPAN_1_50

CPAN_1_51

CPAN_1_52

CPAN_1_54

CPAN_1_54_0

CPAN_1_54_1

CPAN_1_54_2

CPAN_1_54_3

CPAN_1_55

CPAN_1_56

CPAN_1_57

CPAN_1_58

CPAN_1_58_1

XML-LibXML-0_91

XML-LibXML-0_96

XML-LibXML-1_40

release_1_30

XML-LibXML-1.*

XML-LibXML-1.71

XML-LibXML-1.72

XML-LibXML-1.73

XML-LibXML-1.74

XML-LibXML-1.75

XML-LibXML-1.76

XML-LibXML-1.77

XML-LibXML-1.78

XML-LibXML-1.79

XML-LibXML-1.80

XML-LibXML-1.81

XML-LibXML-1.82

XML-LibXML-1.83

XML-LibXML-1.84

XML-LibXML-1.85

XML-LibXML-1.86

XML-LibXML-1.87

XML-LibXML-1.88

XML-LibXML-1.89

XML-LibXML-1.90

XML-LibXML-1.91

XML-LibXML-1.92

XML-LibXML-1.93

XML-LibXML-1.94

XML-LibXML-1.95

XML-LibXML-1.96

XML-LibXML-1.97

XML-LibXML-1.98

XML-LibXML-1.99

XML-LibXML-2.*

XML-LibXML-2.0000

XML-LibXML-2.0001

XML-LibXML-2.0002

XML-LibXML-2.0003

XML-LibXML-2.0004

XML-LibXML-2.0005

XML-LibXML-2.0006

XML-LibXML-2.0007

XML-LibXML-2.0008

XML-LibXML-2.0009

XML-LibXML-2.0010

XML-LibXML-2.0011

XML-LibXML-2.0012

XML-LibXML-2.0015

XML-LibXML-2.0016

XML-LibXML-2.0017

XML-LibXML-2.0018

XML-LibXML-2.0019

XML-LibXML-2.0100

XML-LibXML-2.0101

XML-LibXML-2.0102

XML-LibXML-2.0103

XML-LibXML-2.0104

XML-LibXML-2.0105

XML-LibXML-2.0106

XML-LibXML-2.0107

XML-LibXML-2.0108

XML-LibXML-2.0109

XML-LibXML-2.0110

XML-LibXML-2.0111

XML-LibXML-2.0112

XML-LibXML-2.0113

XML-LibXML-2.0114

XML-LibXML-2.0115

XML-LibXML-2.0116

XML-LibXML-2.0117

XML-LibXML-2.0118

XML-LibXML-2.0119

XML-LibXML-2.0120

XML-LibXML-2.0121

XML-LibXML-2.0122

XML-LibXML-2.0123

XML-LibXML-2.0124

XML-LibXML-2.0125

XML-LibXML-2.0126

XML-LibXML-2.0127

XML-LibXML-2.0128

XML-LibXML-2.0129

axkit.*

axkit.org-svn-r824