CVE-2015-8241 (Medium) detected in libxml2-v2.9.2 #7
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2015-8241 - Medium Severity Vulnerability
XML parser and markup toolkit
Library home page: https://github.com/GNOME/libxml2.git
Found in HEAD commit: e2ecf13c97834779d16859ebddc92a6dcdcb193f
* The source files were matched to this source library based on a best effort match. Source libraries are selected from a list of probable public libraries.
The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of service (heap-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
Publish Date: 2015-12-15
URL: CVE-2015-8241
Base Score Metrics not available
Type: Upgrade version
Origin: http://www.securitytracker.com/id/1034243
Fix Resolution: The vendor has issued a fix (2.9.3).
The vendor's advisory is available at:
http://www.xmlsoft.org/news.html
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: