It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. (CVE-2017-0663)
It was discovered that libxml2 did not properly validate parsed entity references. An attacker could use this to specially construct XML data that could expose sensitive information. (CVE-2017-7375)
It was discovered that a buffer overflow existed in libxml2 when handling HTTP redirects. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. (CVE-2017-7376)
Marcel Böhme and Van-Thuan Pham discovered a buffer overflow in libxml2 when handling elements. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. (CVE-2017-9047)
Marcel Böhme and Van-Thuan Pham discovered a buffer overread in libxml2 when handling elements. An attacker could use this to specially construct XML data that could cause a denial of service. (CVE-2017-9048)
Marcel Böhme and Van-Thuan Pham discovered multiple buffer overreads in libxml2 when handling parameter-entity references. An attacker could use these to specially construct XML data that could cause a denial of service. (CVE-2017-9049, CVE-2017-9050)
{ "availability": "No subscription required", "binaries": [ { "libxml2-dev": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-utils-dbgsym": "2.9.1+dfsg1-3ubuntu4.10", "python-libxml2-dbgsym": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-utils": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-doc": "2.9.1+dfsg1-3ubuntu4.10", "python-libxml2": "2.9.1+dfsg1-3ubuntu4.10", "libxml2": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-udeb-dbgsym": "2.9.1+dfsg1-3ubuntu4.10", "python-libxml2-dbg": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-dbgsym": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-utils-dbg": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-dev-dbgsym": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-dbg": "2.9.1+dfsg1-3ubuntu4.10", "libxml2-udeb": "2.9.1+dfsg1-3ubuntu4.10" } ] }
{ "availability": "No subscription required", "binaries": [ { "libxml2": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-udeb-dbgsym": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-dev": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-utils-dbgsym": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-dbg": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-utils": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-doc": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-dev-dbgsym": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-dbgsym": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-udeb": "2.9.3+dfsg1-1ubuntu0.3", "libxml2-utils-dbg": "2.9.3+dfsg1-1ubuntu0.3", "python-libxml2": "2.9.3+dfsg1-1ubuntu0.3", "python-libxml2-dbg": "2.9.3+dfsg1-1ubuntu0.3" } ] }