Showing 1 - 6 of 6

CVE-2018-14404

Status Candidate

Overview

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.

Related Files

Red Hat Security Advisory 2020-4298-01: Posted Oct 27, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4298-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution, cross site scripting, and denial of service vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss; systems | linux, redhat; advisories | CVE-2013-0169, CVE-2016-10739, CVE-2018-14404, CVE-2018-14498, CVE-2018-16890, CVE-2018-18074, CVE-2018-18624, CVE-2018-18751, CVE-2018-19519, CVE-2018-20060, CVE-2018-20337, CVE-2018-20483, CVE-2018-20657, CVE-2018-20852, CVE-2018-9251, CVE-2019-1010180, CVE-2019-1010204, CVE-2019-11070, CVE-2019-11236, CVE-2019-11324, CVE-2019-11358, CVE-2019-11459, CVE-2019-12447, CVE-2019-12448, CVE-2019-12449, CVE-2019-12450; SHA-256 | b21e4b6db18910bfdf465e20ef86844c5bb5f82b4312bf2f74efe50f227b2c78; Download | Favorite | View

Red Hat Security Advisory 2020-3194-01: Posted Jul 29, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3194-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include a man-in-the-middle vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-14404, CVE-2018-18074, CVE-2018-19519, CVE-2018-20060, CVE-2018-20337, CVE-2018-20852, CVE-2018-7263, CVE-2018-9251, CVE-2019-1010180, CVE-2019-1010204, CVE-2019-11236, CVE-2019-11324, CVE-2019-12447, CVE-2019-12448, CVE-2019-12449, CVE-2019-13232, CVE-2019-13752, CVE-2019-13753, CVE-2019-14563, CVE-2019-14822, CVE-2019-1547, CVE-2019-1549, CVE-2019-1563, CVE-2019-15847, CVE-2019-16056, CVE-2019-17451; SHA-256 | ab12a5414b74ae4ec0875438bd155092413bb637cd1033a63c83f8057805a037; Download | Favorite | View

Red Hat Security Advisory 2020-1827-01: Posted Apr 28, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-1827-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include a null pointer vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-14404, CVE-2018-9251; SHA-256 | e61d7322d8fb362673cbac6fa586d7b41e746f50736e56eb90a7ee2d2637c983; Download | Favorite | View

Red Hat Security Advisory 2020-1190-01: Posted Apr 1, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-1190-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include denial of service and null pointer vulnerabilities.; tags | advisory, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2015-8035, CVE-2016-5131, CVE-2017-15412, CVE-2017-18258, CVE-2018-14404, CVE-2018-14567; SHA-256 | fbd7e3f99103003d741a749e1a53bd6ea44fe9e8b78c824c7596d580e0f463fc; Download | Favorite | View

Red Hat Security Advisory 2019-1543-01: Posted Jun 19, 2019; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2019-1543-01 - This release adds the new Apache HTTP Server 2.4.29 Service Pack 2 packages that are part of the JBoss Core Services offering. This release serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP1, and includes bug fixes and enhancements. Issues addressed include denial of service, null pointer, and out of bounds write vulnerabilities.; tags | advisory, web, denial of service, vulnerability; systems | linux, redhat; advisories | CVE-2018-0495, CVE-2018-0732, CVE-2018-1000005, CVE-2018-1000007, CVE-2018-1000120, CVE-2018-1000122, CVE-2018-14404, CVE-2019-0211; SHA-256 | 87a60175fe0e0dde7ae7865168e89fd3521aa1306210d2d9c8b32e05f763b1a9; Download | Favorite | View

Ubuntu Security Notice USN-3739-2: Posted Aug 15, 2018; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3739-2 - USN-3739-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2016-9318, CVE-2018-14404; SHA-256 | e36eb0652d13a5b7b005ee4655aa963f025cdcdc84d322e3e41183f97d839ad2; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 239 files
indoushka 139 files
Ubuntu 79 files
Gentoo 33 files
Debian 26 files
Sebastian Hamann 8 files
Jann Horn 7 files
Google Security Research 6 files
Moritz Abrell 6 files
Jaggar Henry 6 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,110)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,941)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,657)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,783)
UNIX (9,443)
UnixWare (187)
Windows (6,679)
Other

CVE-2018-14404

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems