CVE-2016-3627

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-3627

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3627.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-3627

Related

Published

2016-05-17T14:08:02Z

Modified

2024-11-20T00:55:34.241882Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.

References

Affected packages

Debian:11 / libxml2

Package

Name: libxml2
Purl: pkg:deb/debian/libxml2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.3+dfsg1-1.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / libxml2

Package

Name: libxml2
Purl: pkg:deb/debian/libxml2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.3+dfsg1-1.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / libxml2

Package

Name: libxml2
Purl: pkg:deb/debian/libxml2?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.9.3+dfsg1-1.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / gitlab.gnome.org/GNOME/libxml2

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/libxml2
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

6657afe83a38278f124ace71dc85f60420beb2d5

Affected versions

Other

CVE-2013-2877

CVE-2014-0191

CVE-2014-3660

CVE-2015-1819

CVE-2015-5312

CVE-2015-7497

CVE-2015-7498

CVE-2015-7499-1

CVE-2015-7499-2

CVE-2015-7500

CVE-2015-7941_1

CVE-2015-7941_2

CVE-2015-7942

CVE-2015-7942-2

CVE-2015-8035

CVE-2015-8242

CVE-2015-8317

EAZEL-NAUTILUS-MS-AUG07

FOR_GNOME_0_99_1

GNOME_0_30

GNOME_PRINT_0_24

GNUMERIC_FIRST_PUBLIC_RELEASE

LIBXML2_2_4_21

LIBXML2_2_5_0

LIBXML2_2_5_10

LIBXML2_2_5_7

LIBXML2_2_5_8

LIBXML2_2_5_9

LIBXML2_2_5_x

LIBXML2_2_6_1

LIBXML2_2_6_11

LIBXML2_2_6_12

LIBXML2_2_6_13

LIBXML2_2_6_14

LIBXML2_2_6_15

LIBXML2_2_6_16

LIBXML2_2_6_18

LIBXML2_2_6_19

LIBXML2_2_6_2

LIBXML2_2_6_20

LIBXML2_2_6_21

LIBXML2_2_6_22

LIBXML2_2_6_23

LIBXML2_2_6_24

LIBXML2_2_6_26

LIBXML2_2_6_27

LIBXML2_2_6_28

LIBXML2_2_6_3

LIBXML2_2_6_4

LIBXML2_2_6_5

LIBXML2_2_6_6

LIBXML2_2_6_7

LIBXML2_2_6_8

LIBXML2_2_6_9

LIBXML2_6_0

LIBXML_0_99

LIBXML_1_5_0

LIBXML_1_8_5

LIBXML_1_8_6

LIBXML_2_0_0

LIBXML_2_1_0

LIBXML_2_1_1

LIBXML_2_2_1

LIBXML_2_2_3

LIBXML_2_2_4

LIBXML_2_2_6

LIBXML_2_2_7

LIBXML_2_2_8

LIBXML_2_3_0

LIBXML_2_3_10

LIBXML_2_3_11

LIBXML_2_3_12

LIBXML_2_3_13

LIBXML_2_3_14

LIBXML_2_3_2

LIBXML_2_3_3

LIBXML_2_3_4

LIBXML_2_3_5

LIBXML_2_3_6

LIBXML_2_3_7

LIBXML_2_3_8

LIBXML_2_3_9

LIBXML_2_4_0

LIBXML_2_4_11

LIBXML_2_4_12

LIBXML_2_4_13

LIBXML_2_4_14

LIBXML_2_4_16

LIBXML_2_4_18

LIBXML_2_4_2

LIBXML_2_4_20

LIBXML_2_4_22

LIBXML_2_4_23

LIBXML_2_4_24

LIBXML_2_4_25

LIBXML_2_4_26

LIBXML_2_4_27

LIBXML_2_4_29

LIBXML_2_4_3

LIBXML_2_4_30

LIBXML_2_4_4

LIBXML_2_4_6

LIBXML_2_4_7

LIBXML_2_5_1

LIBXML_2_5_2

LIBXML_2_5_3

LIBXML_2_5_4

LIBXML_2_5_5

LIBXML_2_5_6

LIBXML_2_6_10

LIBXML_TEST_2_0_0

LIB_XML_1_1

LIB_XML_1_3

LIB_XML_1_4

LIB_XML_1_6_1

LIB_XML_1_6_2

LIB_XML_1_7_0

LIB_XML_1_7_1

LIB_XML_1_7_3

LIB_XML_1_8_3

LIB_XML_1_X

PRE_MUCKUP

PRE_MUCKUP2

PRE_MUCKUP3

help

LIBXML2.*

LIBXML2.6.32

LIBXML2.7.0

LIBXML2.7.1

LIBXML2.7.2

LIBXML2.7.3

v2.*

v2.7.4

v2.7.5

v2.7.6

v2.7.7

v2.7.8

v2.8.0

v2.8.0-rc1

v2.8.0-rc2

v2.9.0

v2.9.0-rc2

v2.9.1

v2.9.2

v2.9.2-rc1

v2.9.2-rc2

v2.9.3