xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
History
07 Nov 2023, 03:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-401 | |
References |
|
|
20 Apr 2021, 20:47
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20200114-0002/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00005.html - Broken Link | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/ - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html - Broken Link | |
References | (UBUNTU) https://usn.ubuntu.com/4274-1/ - Third Party Advisory | |
References | (MISC) https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549 - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpujul2020.html - Third Party Advisory | |
References | (CONFIRM) https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08 - Third Party Advisory, US Government Resource | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/ - Third Party Advisory | |
References | (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf - Third Party Advisory | |
CPE | cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.3.1.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:* |
15 Apr 2021, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Apr 2021, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-12-24 16:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-19956
Mitre link : CVE-2019-19956
CVE.ORG link : CVE-2019-19956
JSON object : View
Products Affected
debian
- debian_linux
xmlsoft
- libxml2
oracle
- real_user_experience_insight
fedoraproject
- fedora
netapp
- clustered_data_ontap_antivirus_connector
- manageability_software_development_kit
- active_iq_unified_manager
- ontap_select_deploy_administration_utility
- clustered_data_ontap
- steelstore_cloud_integrated_storage
siemens
- sinema_remote_connect_server
canonical
- ubuntu_linux
CWE
CWE-401
Missing Release of Memory after Effective Lifetime