GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
|
History
07 Nov 2023, 03:20
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
25 Jul 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 May 2022, 14:42
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oracle http Server
Oracle enterprise Manager Base Platform Oracle peoplesoft Enterprise Peopletools Oracle communications Cloud Native Core Network Function Cloud Native Environment |
|
CPE | cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:enterprise_manager_base_platform:13.5.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.10.0:*:*:*:*:*:*:* |
|
References | (MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Patch, Third Party Advisory |
20 Apr 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Apr 2022, 15:34
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202107-05 - Third Party Advisory | |
References | (MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Mailing List, Third Party Advisory | |
References | (MISC) https://gitlab.gnome.org/GNOME/libxml2/-/issues/178 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
CPE | cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:* cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:*:*:*:*:*:*:* |
|
First Time |
Oracle
Oracle real User Experience Insight Oracle enterprise Manager Ops Center Oracle mysql Workbench |
20 Oct 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Mar 2021, 18:28
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J3ICASXZI2UQYFJAOQWHSTNWGED3VXOE/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KTUAGDLEHTH6HU66HBFAFTSQ3OKRAN3/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCHXIWR5DHYO3RSO7RAHEC6VJKXD2EH2/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RIQAMBA2IJUTQG5VOP5LZVIZRNCKXHEQ/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/674LQPJO2P2XTBTREFR5LOZMBTZ4PZAY/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KQXOHIE3MNY3VQXEN7LDQUJNIHOVHAW/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ENEHQIBMSI6TZVS35Y6I4FCTYUQDLJVP/ - Mailing List, Third Party Advisory |
25 Feb 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2020-09-04 00:15
Updated : 2023-12-10 13:27
NVD link : CVE-2020-24977
Mitre link : CVE-2020-24977
CVE.ORG link : CVE-2020-24977
JSON object : View
Products Affected
netapp
- clustered_data_ontap_antivirus_connector
- snapdrive
- hci_h410c_firmware
- hci_h410c
- active_iq_unified_manager
- inventory_collect_tool
- clustered_data_ontap
- manageability_software_development_kit
xmlsoft
- libxml2
oracle
- enterprise_manager_ops_center
- http_server
- communications_cloud_native_core_network_function_cloud_native_environment
- enterprise_manager_base_platform
- real_user_experience_insight
- peoplesoft_enterprise_peopletools
- mysql_workbench
fedoraproject
- fedora
opensuse
- leap
debian
- debian_linux
CWE
CWE-125
Out-of-bounds Read