Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-XJQG-9JVG-FGX2
Vulnerability from github – Published: 2018-08-21 19:03 – Updated: 2023-03-13 23:53
VLAI?
Summary
Nokogiri subject to DoS via libxml2 vulnerability
Details
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 (as used in nokogiri before 1.6.7.1) does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 1.6.7.0"
},
"package": {
"ecosystem": "RubyGems",
"name": "nokogiri"
},
"ranges": [
{
"events": [
{
"introduced": "1.6.0"
},
{
"fixed": "1.6.7.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2015-5312"
],
"database_specific": {
"cwe_ids": [
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T22:03:39Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 (as used in nokogiri before 1.6.7.1) does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
"id": "GHSA-xjqg-9jvg-fgx2",
"modified": "2023-03-13T23:53:36Z",
"published": "2018-08-21T19:03:04Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5312"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
},
{
"type": "WEB",
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2015-5312.yml"
},
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"
},
{
"type": "WEB",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-37"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206166"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206167"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206168"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT206169"
},
{
"type": "WEB",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3430"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2834-1"
},
{
"type": "WEB",
"url": "http://xmlsoft.org/news.html"
}
],
"schema_version": "1.4.0",
"severity": [],
"summary": "Nokogiri subject to DoS via libxml2 vulnerability"
}
CVE-2015-5312 (GCVE-0-2015-5312)
Vulnerability from cvelistv5 – Published: 2015-12-15 21:00 – Updated: 2024-08-06 06:41
VLAI?
EPSS
Summary
The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:41:09.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:2550",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
},
{
"name": "APPLE-SA-2016-03-21-5",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "openSUSE-SU-2016:0106",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206167"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206168"
},
{
"name": "DSA-3430",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3430"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
},
{
"name": "APPLE-SA-2016-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://xmlsoft.org/news.html"
},
{
"name": "RHSA-2016:1089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "APPLE-SA-2016-03-21-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
},
{
"name": "USN-2834-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2834-1"
},
{
"name": "1034243",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034243"
},
{
"name": "RHSA-2015:2549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
},
{
"name": "HPSBGN03537",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "GLSA-201701-37",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-37"
},
{
"name": "openSUSE-SU-2015:2372",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"name": "APPLE-SA-2016-03-21-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206169"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT206166"
},
{
"name": "79536",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79536"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-13T09:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2015:2550",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
},
{
"name": "APPLE-SA-2016-03-21-5",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "openSUSE-SU-2016:0106",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206167"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206168"
},
{
"name": "DSA-3430",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3430"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
},
{
"name": "APPLE-SA-2016-03-21-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://xmlsoft.org/news.html"
},
{
"name": "RHSA-2016:1089",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "APPLE-SA-2016-03-21-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
},
{
"name": "USN-2834-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2834-1"
},
{
"name": "1034243",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1034243"
},
{
"name": "RHSA-2015:2549",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
},
{
"name": "HPSBGN03537",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "GLSA-201701-37",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-37"
},
{
"name": "openSUSE-SU-2015:2372",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"name": "APPLE-SA-2016-03-21-3",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206169"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT206166"
},
{
"name": "79536",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79536"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2015-5312",
"datePublished": "2015-12-15T21:00:00",
"dateReserved": "2015-07-01T00:00:00",
"dateUpdated": "2024-08-06T06:41:09.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
GSD-2015-5312
Vulnerability from gsd - Updated: 2015-12-15 00:00Details
Nokogiri version 1.6.7.1 has been released, pulling in several upstream
patches to the vendored libxml2 to address the following CVEs:
CVE-2015-5312
CVSS v2 Base Score: 7.1 (HIGH)
The xmlStringLenDecodeEntities function in parser.c in libxml2
before 2.9.3 does not properly prevent entity expansion, which
allows context-dependent attackers to cause a denial of
service (CPU consumption) via crafted XML data, a different
vulnerability than CVE-2014-3660.
CVE-2015-7497
CVSS v2 Base Score: 5.0 (MEDIUM)
Heap-based buffer overflow in the xmlDictComputeFastQKey
function in dict.c in libxml2 before 2.9.3 allows
context-dependent attackers to cause a denial of service via
unspecified vectors.
CVE-2015-7498
CVSS v2 Base Score: 5.0 (MEDIUM)
Heap-based buffer overflow in the xmlParseXmlDecl function in
parser.c in libxml2 before 2.9.3 allows context-dependent
attackers to cause a denial of service via unspecified vectors
related to extracting errors after an encoding conversion
failure.
CVE-2015-7499
CVSS v2 Base Score: 5.0 (MEDIUM)
Heap-based buffer overflow in the xmlGROW function in parser.c
in libxml2 before 2.9.3 allows context-dependent attackers to
obtain sensitive process memory information via unspecified
vectors.
CVE-2015-7500
CVSS v2 Base Score: 5.0 (MEDIUM)
The xmlParseMisc function in parser.c in libxml2 before 2.9.3
allows context-dependent attackers to cause a denial of
service (out-of-bounds heap read) via unspecified vectors
related to incorrect entities boundaries and start tags.
CVE-2015-8241
CVSS v2 Base Score: 6.4 (MEDIUM)
The xmlNextChar function in libxml2 2.9.2 does not properly
check the state, which allows context-dependent attackers to
cause a denial of service (heap-based buffer over-read and
application crash) or obtain sensitive information via crafted
XML data.
CVE-2015-8242
CVSS v2 Base Score: 5.8 (MEDIUM)
The xmlSAX2TextNode function in SAX2.c in the push interface in
the HTML parser in libxml2 before 2.9.3 allows
context-dependent attackers to cause a denial of
service (stack-based buffer over-read and application crash) or
obtain sensitive information via crafted XML data.
CVE-2015-8317
CVSS v2 Base Score: 5.0 (MEDIUM)
The xmlParseXMLDecl function in parser.c in libxml2 before
2.9.3 allows context-dependent attackers to obtain sensitive
information via an (1) unterminated encoding value or (2)
incomplete XML declaration in XML data, which triggers an
out-of-bounds heap read.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-5312",
"description": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
"id": "GSD-2015-5312",
"references": [
"https://www.suse.com/security/cve/CVE-2015-5312.html",
"https://www.debian.org/security/2015/dsa-3430",
"https://access.redhat.com/errata/RHSA-2016:1089",
"https://access.redhat.com/errata/RHSA-2015:2550",
"https://access.redhat.com/errata/RHSA-2015:2549",
"https://ubuntu.com/security/CVE-2015-5312",
"https://advisories.mageia.org/CVE-2015-5312.html",
"https://alas.aws.amazon.com/cve/html/CVE-2015-5312.html",
"https://linux.oracle.com/cve/CVE-2015-5312.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "nokogiri",
"purl": "pkg:gem/nokogiri"
}
}
],
"aliases": [
"CVE-2015-5312",
"GHSA-xjqg-9jvg-fgx2"
],
"details": "Nokogiri version 1.6.7.1 has been released, pulling in several upstream\npatches to the vendored libxml2 to address the following CVEs:\n\nCVE-2015-5312\nCVSS v2 Base Score: 7.1 (HIGH)\nThe xmlStringLenDecodeEntities function in parser.c in libxml2\nbefore 2.9.3 does not properly prevent entity expansion, which\nallows context-dependent attackers to cause a denial of\nservice (CPU consumption) via crafted XML data, a different\nvulnerability than CVE-2014-3660.\n\nCVE-2015-7497\nCVSS v2 Base Score: 5.0 (MEDIUM)\nHeap-based buffer overflow in the xmlDictComputeFastQKey\nfunction in dict.c in libxml2 before 2.9.3 allows\ncontext-dependent attackers to cause a denial of service via\nunspecified vectors.\n\nCVE-2015-7498\nCVSS v2 Base Score: 5.0 (MEDIUM)\nHeap-based buffer overflow in the xmlParseXmlDecl function in\nparser.c in libxml2 before 2.9.3 allows context-dependent\nattackers to cause a denial of service via unspecified vectors\nrelated to extracting errors after an encoding conversion\nfailure.\n\nCVE-2015-7499\nCVSS v2 Base Score: 5.0 (MEDIUM)\nHeap-based buffer overflow in the xmlGROW function in parser.c\nin libxml2 before 2.9.3 allows context-dependent attackers to\nobtain sensitive process memory information via unspecified\nvectors.\n\nCVE-2015-7500\nCVSS v2 Base Score: 5.0 (MEDIUM)\nThe xmlParseMisc function in parser.c in libxml2 before 2.9.3\nallows context-dependent attackers to cause a denial of\nservice (out-of-bounds heap read) via unspecified vectors\nrelated to incorrect entities boundaries and start tags.\n\nCVE-2015-8241\nCVSS v2 Base Score: 6.4 (MEDIUM)\nThe xmlNextChar function in libxml2 2.9.2 does not properly\ncheck the state, which allows context-dependent attackers to\ncause a denial of service (heap-based buffer over-read and\napplication crash) or obtain sensitive information via crafted\nXML data.\n\nCVE-2015-8242\nCVSS v2 Base Score: 5.8 (MEDIUM)\nThe xmlSAX2TextNode function in SAX2.c in the push interface in\nthe HTML parser in libxml2 before 2.9.3 allows\ncontext-dependent attackers to cause a denial of\nservice (stack-based buffer over-read and application crash) or\nobtain sensitive information via crafted XML data.\n\nCVE-2015-8317\nCVSS v2 Base Score: 5.0 (MEDIUM)\nThe xmlParseXMLDecl function in parser.c in libxml2 before\n2.9.3 allows context-dependent attackers to obtain sensitive\ninformation via an (1) unterminated encoding value or (2)\nincomplete XML declaration in XML data, which triggers an\nout-of-bounds heap read.\n",
"id": "GSD-2015-5312",
"modified": "2015-12-15T00:00:00.000Z",
"published": "2015-12-15T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"
},
{
"type": "WEB",
"url": "https://github.com/sparklemotion/nokogiri/pull/1378"
},
{
"type": "WEB",
"url": "https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5"
}
],
"related": [
"CVE-2015-7497",
"CVE-2015-7498",
"CVE-2015-7499",
"CVE-2015-7500",
"CVE-2015-8241",
"CVE-2015-8242",
"CVE-2015-8317"
],
"schema_version": "1.4.0",
"severity": [
{
"score": 7.1,
"type": "CVSS_V2"
}
],
"summary": "Nokogiri gem contains several vulnerabilities in libxml2"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://xmlsoft.org/news.html",
"refsource": "MISC",
"url": "http://xmlsoft.org/news.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "MISC",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "MISC",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html",
"refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html",
"refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
},
{
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html",
"refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
},
{
"name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html",
"refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
},
{
"name": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2",
"refsource": "MISC",
"url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2015-2549.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2015-2550.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2016-1089.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
},
{
"name": "http://www.debian.org/security/2015/dsa-3430",
"refsource": "MISC",
"url": "http://www.debian.org/security/2015/dsa-3430"
},
{
"name": "http://www.securityfocus.com/bid/79536",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/79536"
},
{
"name": "http://www.securitytracker.com/id/1034243",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1034243"
},
{
"name": "http://www.ubuntu.com/usn/USN-2834-1",
"refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2834-1"
},
{
"name": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e",
"refsource": "MISC",
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
"refsource": "MISC",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
},
{
"name": "https://security.gentoo.org/glsa/201701-37",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/201701-37"
},
{
"name": "https://support.apple.com/HT206166",
"refsource": "MISC",
"url": "https://support.apple.com/HT206166"
},
{
"name": "https://support.apple.com/HT206167",
"refsource": "MISC",
"url": "https://support.apple.com/HT206167"
},
{
"name": "https://support.apple.com/HT206168",
"refsource": "MISC",
"url": "https://support.apple.com/HT206168"
},
{
"name": "https://support.apple.com/HT206169",
"refsource": "MISC",
"url": "https://support.apple.com/HT206169"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2015-5312",
"cvss_v2": 7.1,
"date": "2015-12-15",
"description": "Nokogiri version 1.6.7.1 has been released, pulling in several upstream\npatches to the vendored libxml2 to address the following CVEs:\n\nCVE-2015-5312\nCVSS v2 Base Score: 7.1 (HIGH)\nThe xmlStringLenDecodeEntities function in parser.c in libxml2\nbefore 2.9.3 does not properly prevent entity expansion, which\nallows context-dependent attackers to cause a denial of\nservice (CPU consumption) via crafted XML data, a different\nvulnerability than CVE-2014-3660.\n\nCVE-2015-7497\nCVSS v2 Base Score: 5.0 (MEDIUM)\nHeap-based buffer overflow in the xmlDictComputeFastQKey\nfunction in dict.c in libxml2 before 2.9.3 allows\ncontext-dependent attackers to cause a denial of service via\nunspecified vectors.\n\nCVE-2015-7498\nCVSS v2 Base Score: 5.0 (MEDIUM)\nHeap-based buffer overflow in the xmlParseXmlDecl function in\nparser.c in libxml2 before 2.9.3 allows context-dependent\nattackers to cause a denial of service via unspecified vectors\nrelated to extracting errors after an encoding conversion\nfailure.\n\nCVE-2015-7499\nCVSS v2 Base Score: 5.0 (MEDIUM)\nHeap-based buffer overflow in the xmlGROW function in parser.c\nin libxml2 before 2.9.3 allows context-dependent attackers to\nobtain sensitive process memory information via unspecified\nvectors.\n\nCVE-2015-7500\nCVSS v2 Base Score: 5.0 (MEDIUM)\nThe xmlParseMisc function in parser.c in libxml2 before 2.9.3\nallows context-dependent attackers to cause a denial of\nservice (out-of-bounds heap read) via unspecified vectors\nrelated to incorrect entities boundaries and start tags.\n\nCVE-2015-8241\nCVSS v2 Base Score: 6.4 (MEDIUM)\nThe xmlNextChar function in libxml2 2.9.2 does not properly\ncheck the state, which allows context-dependent attackers to\ncause a denial of service (heap-based buffer over-read and\napplication crash) or obtain sensitive information via crafted\nXML data.\n\nCVE-2015-8242\nCVSS v2 Base Score: 5.8 (MEDIUM)\nThe xmlSAX2TextNode function in SAX2.c in the push interface in\nthe HTML parser in libxml2 before 2.9.3 allows\ncontext-dependent attackers to cause a denial of\nservice (stack-based buffer over-read and application crash) or\nobtain sensitive information via crafted XML data.\n\nCVE-2015-8317\nCVSS v2 Base Score: 5.0 (MEDIUM)\nThe xmlParseXMLDecl function in parser.c in libxml2 before\n2.9.3 allows context-dependent attackers to obtain sensitive\ninformation via an (1) unterminated encoding value or (2)\nincomplete XML declaration in XML data, which triggers an\nout-of-bounds heap read.\n",
"gem": "nokogiri",
"ghsa": "xjqg-9jvg-fgx2",
"patched_versions": [
"\u003e= 1.6.7.1"
],
"related": {
"cve": [
"2015-7497",
"2015-7498",
"2015-7499",
"2015-7500",
"2015-8241",
"2015-8242",
"2015-8317"
],
"url": [
"https://github.com/sparklemotion/nokogiri/pull/1378",
"https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5"
]
},
"title": "Nokogiri gem contains several vulnerabilities in libxml2",
"unaffected_versions": [
"\u003c 1.6.0"
],
"url": "https://groups.google.com/forum/#!topic/ruby-security-ann/aSbgDiwb24s"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=1.6.0.rc1 \u003c1.6.7.1",
"affected_versions": "All versions starting from 1.6.0.rc1 before 1.6.7.1",
"credit": "Lars Kanis",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"cwe_ids": [
"CWE-1035",
"CWE-399",
"CWE-937"
],
"date": "2019-03-08",
"description": "Several vulnerabilities were discovered in the libxml2 library that this package gem depends on.",
"fixed_versions": [
"1.6.7.1"
],
"identifier": "CVE-2015-5312",
"identifiers": [
"CVE-2015-5312"
],
"not_impacted": "All versions before 1.6.0.rc1, all versions starting from 1.6.7.1",
"package_slug": "gem/nokogiri",
"pubdate": "2015-12-15",
"solution": "Upgrade to version 1.6.7.1 or above.",
"title": "Vulnerabilities in libxml2",
"urls": [
"https://github.com/sparklemotion/nokogiri/commit/4205af1a2a546f79d1b48df2ad8b27299c0099c5",
"https://github.com/sparklemotion/nokogiri/pull/1378"
],
"uuid": "1eafa71e-c497-4a77-a6a9-c81ab5423a5f"
},
{
"affected_range": "(,2.9.2]",
"affected_versions": "All versions up to 2.9.2",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2019-03-08",
"description": "The xmlStringLenDecodeEntities function in parser.c in libxml2 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660.",
"fixed_versions": [],
"identifier": "CVE-2015-5312",
"identifiers": [
"CVE-2015-5312"
],
"not_impacted": "",
"package_slug": "nuget/libxml2",
"pubdate": "2015-12-15",
"solution": "Unfortunately, there is no solution available yet.",
"title": "Uncontrolled Resource Consumption",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2015-5312"
],
"uuid": "22e23254-0e4b-4c40-8b5d-1f401479b54d"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.11.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "9.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.9.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:icewall_file_manager:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5312"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data, a different vulnerability than CVE-2014-3660."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:2549",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2549.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276693"
},
{
"name": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e",
"refsource": "CONFIRM",
"tags": [],
"url": "https://git.gnome.org/browse/libxml2/commit/?id=69030714cde66d525a8884bda01b9e8f0abf8e1e"
},
{
"name": "USN-2834-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2834-1"
},
{
"name": "RHSA-2015:2550",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html"
},
{
"name": "http://xmlsoft.org/news.html",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://xmlsoft.org/news.html"
},
{
"name": "https://support.apple.com/HT206166",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206166"
},
{
"name": "https://support.apple.com/HT206169",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206169"
},
{
"name": "APPLE-SA-2016-03-21-1",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"
},
{
"name": "https://support.apple.com/HT206168",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206168"
},
{
"name": "APPLE-SA-2016-03-21-2",
"refsource": "APPLE",
"tags": [],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html"
},
{
"name": "APPLE-SA-2016-03-21-3",
"refsource": "APPLE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html"
},
{
"name": "https://support.apple.com/HT206167",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://support.apple.com/HT206167"
},
{
"name": "APPLE-SA-2016-03-21-5",
"refsource": "APPLE",
"tags": [
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"name": "DSA-3430",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2015/dsa-3430"
},
{
"name": "HPSBGN03537",
"refsource": "HP",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=145382616617563\u0026w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
},
{
"name": "79536",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/79536"
},
{
"name": "RHSA-2016:1089",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html"
},
{
"name": "openSUSE-SU-2015:2372",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html"
},
{
"name": "openSUSE-SU-2016:0106",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html"
},
{
"name": "GLSA-201701-37",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201701-37"
},
{
"name": "1034243",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1034243"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2019-03-08T16:06Z",
"publishedDate": "2015-12-15T21:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…