libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMAMEMLIMITERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
{ "vanir_signatures": [ { "source": "https://gitlab.gnome.org/GNOME/libxml2@2240fbf5912054af025fb6e01e26375100275e74", "digest": { "function_hash": "92334495056954850005331007548415777608", "length": 2752.0 }, "deprecated": false, "signature_type": "Function", "id": "CVE-2018-14567-76984c62", "target": { "file": "xzlib.c", "function": "xz_decomp" }, "signature_version": "v1" }, { "source": "https://gitlab.gnome.org/GNOME/libxml2@2240fbf5912054af025fb6e01e26375100275e74", "digest": { "line_hashes": [ "180852597283234191320325602637907269614", "338566676761864653687960394883719715518", "128194818745751110047126713028665673632", "53886373313040199494115610631405926464", "154090113065312238612875589847642699686", "56055175083893272436552181506669000581", "293264161075667267437457899580703606926", "237979520882579413700949028830992222305" ], "threshold": 0.9 }, "deprecated": false, "signature_type": "Line", "id": "CVE-2018-14567-efb3db37", "target": { "file": "xzlib.c" }, "signature_version": "v1" } ] }