gsd-2015-1819
Vulnerability from gsd
Modified
2015-04-14 00:00
Details
Several vulnerabilities were discovered in the libxml2 and libxslt libraries
that the Nokogiri gem depends on.
CVE-2015-1819
A denial of service flaw was found in the way libxml2 parsed XML
documents. This flaw could cause an application that uses libxml2 to use an
excessive amount of memory.
CVE-2015-7941
libxml2 does not properly stop parsing invalid input, which allows
context-dependent attackers to cause a denial of service (out-of-bounds read
and libxml2 crash) via crafted specially XML data.
CVE-2015-7942
The xmlParseConditionalSections function in parser.c in libxml2
does not properly skip intermediary entities when it stops parsing invalid
input, which allows context-dependent attackers to cause a denial of service
(out-of-bounds read and crash) via crafted XML data.
CVE-2015-7995
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not
check whether the parent node is an element, which allows attackers to cause
a denial of service using a specially crafted XML document.
CVE-2015-8035
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not
properly detect compression errors, which allows context-dependent attackers
to cause a denial of service (process hang) via crafted XML data.
Another vulnerability was discoverd in libxml2 that could cause parsing
of unclosed comments to result in "conditional jump or move depends on
uninitialized value(s)" and unsafe memory access. This issue does not have a
CVE assigned yet. See related URLs for details. Patched in v1.6.7.rc4.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2015-1819", "description": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.", "id": "GSD-2015-1819", "references": [ "https://www.suse.com/security/cve/CVE-2015-1819.html", "https://www.debian.org/security/2015/dsa-3430", "https://access.redhat.com/errata/RHSA-2015:2550", "https://access.redhat.com/errata/RHSA-2015:1419", "https://ubuntu.com/security/CVE-2015-1819", "https://advisories.mageia.org/CVE-2015-1819.html", "https://alas.aws.amazon.com/cve/html/CVE-2015-1819.html", "https://linux.oracle.com/cve/CVE-2015-1819.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "affected": [ { "package": { "ecosystem": "RubyGems", "name": "nokogiri", "purl": "pkg:gem/nokogiri" } } ], "aliases": [ "CVE-2015-1819", "GHSA-q7wx-62r7-j2x7" ], "details": "Several vulnerabilities were discovered in the libxml2 and libxslt libraries\nthat the Nokogiri gem depends on.\n\nCVE-2015-1819\nA denial of service flaw was found in the way libxml2 parsed XML\ndocuments. This flaw could cause an application that uses libxml2 to use an\nexcessive amount of memory.\n\nCVE-2015-7941\nlibxml2 does not properly stop parsing invalid input, which allows\ncontext-dependent attackers to cause a denial of service (out-of-bounds read\nand libxml2 crash) via crafted specially XML data.\n\nCVE-2015-7942\nThe xmlParseConditionalSections function in parser.c in libxml2\ndoes not properly skip intermediary entities when it stops parsing invalid\ninput, which allows context-dependent attackers to cause a denial of service\n(out-of-bounds read and crash) via crafted XML data.\n\nCVE-2015-7995\nThe xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not\ncheck whether the parent node is an element, which allows attackers to cause\na denial of service using a specially crafted XML document.\n\nCVE-2015-8035\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not\nproperly detect compression errors, which allows context-dependent attackers\nto cause a denial of service (process hang) via crafted XML data.\n\nAnother vulnerability was discoverd in libxml2 that could cause parsing\nof unclosed comments to result in \"conditional jump or move depends on\nuninitialized value(s)\" and unsafe memory access. This issue does not have a\nCVE assigned yet. See related URLs for details. Patched in v1.6.7.rc4.\n", "id": "GSD-2015-1819", "modified": "2015-04-14T00:00:00.000Z", "published": "2015-04-14T00:00:00.000Z", "references": [ { "type": "WEB", "url": "https://github.com/sparklemotion/nokogiri/issues/1374" }, { "type": "WEB", "url": "https://github.com/sparklemotion/nokogiri/pull/1376" }, { "type": "WEB", "url": "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59" } ], "related": [ "CVE-2015-7941", "CVE-2015-7942", "CVE-2015-7995", "CVE-2015-8035" ], "schema_version": "1.4.0", "summary": "Nokogiri gem contains several vulnerabilities in libxml2 and libxslt" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-1819", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_affected": "=", "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://xmlsoft.org/news.html", "refsource": "MISC", "url": "http://xmlsoft.org/news.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "MISC", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html", "refsource": "MISC", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html", "refsource": "MISC", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html", "refsource": "MISC", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "name": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html", "refsource": "MISC", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "name": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "name": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "name": "http://rhn.redhat.com/errata/RHSA-2015-2550.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "name": "http://www.debian.org/security/2015/dsa-3430", "refsource": "MISC", "url": "http://www.debian.org/security/2015/dsa-3430" }, { "name": "http://www.securitytracker.com/id/1034243", "refsource": "MISC", "url": "http://www.securitytracker.com/id/1034243" }, { "name": "https://security.gentoo.org/glsa/201701-37", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/201701-37" }, { "name": "https://support.apple.com/HT206166", "refsource": "MISC", "url": "https://support.apple.com/HT206166" }, { "name": "https://support.apple.com/HT206167", "refsource": "MISC", "url": "https://support.apple.com/HT206167" }, { "name": "https://support.apple.com/HT206168", "refsource": "MISC", "url": "https://support.apple.com/HT206168" }, { "name": "https://support.apple.com/HT206169", "refsource": "MISC", "url": "https://support.apple.com/HT206169" }, { "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html", "refsource": "MISC", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html" }, { "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html", "refsource": "MISC", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html" }, { "name": "http://rhn.redhat.com/errata/RHSA-2015-1419.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2015-1419.html" }, { "name": "http://www.securityfocus.com/bid/75570", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/75570" }, { "name": "http://www.ubuntu.com/usn/USN-2812-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "name": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9", "refsource": "MISC", "url": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9" }, { "name": "https://security.gentoo.org/glsa/201507-08", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/201507-08" } ] } }, "github.com/rubysec/ruby-advisory-db": { "cve": "2015-1819", "date": "2015-04-14", "description": "Several vulnerabilities were discovered in the libxml2 and libxslt libraries\nthat the Nokogiri gem depends on.\n\nCVE-2015-1819\nA denial of service flaw was found in the way libxml2 parsed XML\ndocuments. This flaw could cause an application that uses libxml2 to use an\nexcessive amount of memory.\n\nCVE-2015-7941\nlibxml2 does not properly stop parsing invalid input, which allows\ncontext-dependent attackers to cause a denial of service (out-of-bounds read\nand libxml2 crash) via crafted specially XML data.\n\nCVE-2015-7942\nThe xmlParseConditionalSections function in parser.c in libxml2\ndoes not properly skip intermediary entities when it stops parsing invalid\ninput, which allows context-dependent attackers to cause a denial of service\n(out-of-bounds read and crash) via crafted XML data.\n\nCVE-2015-7995\nThe xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not\ncheck whether the parent node is an element, which allows attackers to cause\na denial of service using a specially crafted XML document.\n\nCVE-2015-8035\nThe xz_decomp function in xzlib.c in libxml2 2.9.1 does not\nproperly detect compression errors, which allows context-dependent attackers\nto cause a denial of service (process hang) via crafted XML data.\n\nAnother vulnerability was discoverd in libxml2 that could cause parsing\nof unclosed comments to result in \"conditional jump or move depends on\nuninitialized value(s)\" and unsafe memory access. This issue does not have a\nCVE assigned yet. See related URLs for details. Patched in v1.6.7.rc4.\n", "gem": "nokogiri", "ghsa": "q7wx-62r7-j2x7", "patched_versions": [ "~\u003e 1.6.6.4", "\u003e= 1.6.7.rc4" ], "related": { "cve": [ "2015-7941", "2015-7942", "2015-7995", "2015-8035" ], "url": [ "https://github.com/sparklemotion/nokogiri/pull/1376", "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59" ] }, "title": "Nokogiri gem contains several vulnerabilities in libxml2 and libxslt", "url": "https://github.com/sparklemotion/nokogiri/issues/1374" }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c1.6.6.4 ||\u003e=1.6.7.rc2 \u003c1.6.7.rc4", "affected_versions": "All versions before 1.6.6.4, all versions starting from 1.6.7.rc2 before 1.6.7.rc4", "credit": "Rafael Fran\u00e7a", "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "cwe_ids": [ "CWE-1035", "CWE-399", "CWE-937" ], "date": "2019-03-14", "description": "Several vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.", "fixed_versions": [ "1.6.6.4", "1.6.7.rc4" ], "identifier": "CVE-2015-1819", "identifiers": [ "CVE-2015-1819" ], "not_impacted": "All versions starting from 1.6.6.4 before 1.6.7.rc2, all versions starting from 1.6.7.rc4", "package_slug": "gem/nokogiri", "pubdate": "2015-08-14", "solution": "Upgrade to versions 1.6.6.4, 1.6.7.rc4 or above.", "title": "Vulnerabilities in libxml2 and libxslt", "urls": [ "https://github.com/sparklemotion/nokogiri/commit/8f3de6d88d0da11fb62a45daa61b85ce71b4af59", "https://github.com/sparklemotion/nokogiri/pull/1376" ], "uuid": "a497c8fd-f533-4747-bb8e-7b823b3de0c5" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "5.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:xmlsoft:libxml:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "9.2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.11.3", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "2.1", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "9.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-1819" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-399" } ] } ] }, "references": { "reference_data": [ { "name": "RHSA-2015:1419", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1419.html" }, { "name": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9", "refsource": "CONFIRM", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://git.gnome.org/browse/libxml2/commit/?id=213f1fe0d76d30eaed6e5853057defc43e6df2c9" }, { "name": "USN-2812-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "http://www.ubuntu.com/usn/USN-2812-1" }, { "name": "RHSA-2015:2550", "refsource": "REDHAT", "tags": [ "Third Party Advisory" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2550.html" }, { "name": "http://xmlsoft.org/news.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://xmlsoft.org/news.html" }, { "name": "https://support.apple.com/HT206166", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.apple.com/HT206166" }, { "name": "https://support.apple.com/HT206169", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.apple.com/HT206169" }, { "name": "APPLE-SA-2016-03-21-1", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" }, { "name": "https://support.apple.com/HT206168", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.apple.com/HT206168" }, { "name": "APPLE-SA-2016-03-21-2", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" }, { "name": "APPLE-SA-2016-03-21-3", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" }, { "name": "https://support.apple.com/HT206167", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.apple.com/HT206167" }, { "name": "APPLE-SA-2016-03-21-5", "refsource": "APPLE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "name": "DSA-3430", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "http://www.debian.org/security/2015/dsa-3430" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" }, { "name": "75570", "refsource": "BID", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/75570" }, { "name": "FEDORA-2015-c24af963a2", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172710.html" }, { "name": "FEDORA-2015-037f844d3e", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172943.html" }, { "name": "openSUSE-SU-2015:2372", "refsource": "SUSE", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" }, { "name": "openSUSE-SU-2016:0106", "refsource": "SUSE", "tags": [ "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" }, { "name": "GLSA-201507-08", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201507-08" }, { "name": "GLSA-201701-37", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/201701-37" }, { "name": "1034243", "refsource": "SECTRACK", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securitytracker.com/id/1034243" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false } }, "lastModifiedDate": "2019-12-27T16:08Z", "publishedDate": "2015-08-14T18:59Z" } } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.