GSD-2017-15412

Vulnerability from gsd - Updated: 2018-01-29 00:00
Details
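The version of libxml2 packaged with Nokogiri contains a vulnerability. Nokogiri has mitigated this issue by upgrading to libxml 2.9.6. It was discovered that libxml2 incorrectly handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Note that the CVE record reproduced below describes the underlying flaw as a use after free (CWE-416) with potential heap corruption, so triage should not assume the impact is limited to denial of service; the advisory data lists Nokogiri 1.8.2 and later as patched.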
Aliases

{
  "GSD": {
    "alias": "CVE-2017-15412",
    "description": "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
    "id": "GSD-2017-15412",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-15412.html",
      "https://www.debian.org/security/2018/dsa-4086",
      "https://access.redhat.com/errata/RHBA-2020:1540",
      "https://access.redhat.com/errata/RHBA-2020:1539",
      "https://access.redhat.com/errata/RHSA-2020:1190",
      "https://access.redhat.com/errata/RHSA-2018:0287",
      "https://access.redhat.com/errata/RHSA-2017:3401",
      "https://ubuntu.com/security/CVE-2017-15412",
      "https://advisories.mageia.org/CVE-2017-15412.html",
      "https://security.archlinux.org/CVE-2017-15412",
      "https://alas.aws.amazon.com/cve/html/CVE-2017-15412.html",
      "https://linux.oracle.com/cve/CVE-2017-15412.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "nokogiri",
            "purl": "pkg:gem/nokogiri"
          }
        }
      ],
      "aliases": [
        "CVE-2017-15412"
      ],
      "details": "The version of libxml2 packaged with Nokogiri contains a\nvulnerability. Nokogiri has mitigated this issue by upgrading to\nlibxml 2.9.6.\n\nIt was discovered that libxml2 incorrectly handled certain files. An attacker\ncould use this issue with specially constructed XML data to cause libxml2 to\nconsume resources, leading to a denial of service.\n",
      "id": "GSD-2017-15412",
      "modified": "2018-01-29T00:00:00.000Z",
      "published": "2018-01-29T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://github.com/sparklemotion/nokogiri/issues/1714"
        },
        {
          "type": "WEB",
          "url": "https://usn.ubuntu.com/usn/usn-3513-1/"
        },
        {
          "type": "WEB",
          "url": "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html"
        }
      ],
      "related": [
        "CVE-2017-18258"
      ],
      "schema_version": "1.4.0",
      "summary": "Nokogiri gem, via libxml, is affected by DoS vulnerabilities"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@google.com",
        "ID": "CVE-2017-15412",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Google Chrome prior to 63.0.3239.84 unknown",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Google Chrome prior to 63.0.3239.84 unknown"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Use After Free"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1040348",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1040348"
          },
          {
            "name": "https://crbug.com/727039",
            "refsource": "MISC",
            "url": "https://crbug.com/727039"
          },
          {
            "name": "https://bugzilla.gnome.org/show_bug.cgi?id=783160",
            "refsource": "MISC",
            "url": "https://bugzilla.gnome.org/show_bug.cgi?id=783160"
          },
          {
            "name": "DSA-4086",
            "refsource": "DEBIAN",
            "url": "https://www.debian.org/security/2018/dsa-4086"
          },
          {
            "name": "RHSA-2018:0287",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:0287"
          },
          {
            "name": "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update",
            "refsource": "MLIST",
            "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html"
          },
          {
            "name": "RHSA-2017:3401",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3401"
          },
          {
            "name": "GLSA-201801-03",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201801-03"
          },
          {
            "name": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html",
            "refsource": "MISC",
            "url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2017-15412",
      "date": "2018-01-29",
      "description": "The version of libxml2 packaged with Nokogiri contains a\nvulnerability. Nokogiri has mitigated this issue by upgrading to\nlibxml 2.9.6.\n\nIt was discovered that libxml2 incorrectly handled certain files. An attacker\ncould use this issue with specially constructed XML data to cause libxml2 to\nconsume resources, leading to a denial of service.\n",
      "gem": "nokogiri",
      "patched_versions": [
        "\u003e= 1.8.2"
      ],
      "related": {
        "cve": [
          "2017-18258"
        ],
        "url": [
          "https://usn.ubuntu.com/usn/usn-3513-1/",
          "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html"
        ]
      },
      "title": "Nokogiri gem, via libxml, is affected by DoS vulnerabilities",
      "url": "https://github.com/sparklemotion/nokogiri/issues/1714"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.8.2",
          "affected_versions": "All versions before 1.8.2",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-416",
            "CWE-937"
          ],
          "date": "2018-10-25",
          "description": "The libxml2 binary, which is included in nokogiri, incorrectly handles certain files. An attacker can use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. ",
          "fixed_versions": [
            "1.8.2"
          ],
          "identifier": "CVE-2017-15412",
          "identifiers": [
            "CVE-2017-15412"
          ],
          "not_impacted": "All versions starting from 1.8.2",
          "package_slug": "gem/nokogiri",
          "pubdate": "2018-08-28",
          "solution": "Upgrade to version 1.8.2 or above.",
          "title": "Denial of Service",
          "urls": [
            "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412",
            "https://github.com/sparklemotion/nokogiri/issues/1714",
            "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html"
          ],
          "uuid": "78658378-bd8f-4d79-81c8-07c419302426"
        },
        {
          "affected_range": "(,2.9.5)",
          "affected_versions": "All versions before 2.9.5",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-416",
            "CWE-937"
          ],
          "date": "2018-10-25",
          "description": "Use after free in libxml2, as used in Google Chrome and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
          "fixed_versions": [],
          "identifier": "CVE-2017-15412",
          "identifiers": [
            "CVE-2017-15412"
          ],
          "not_impacted": "",
          "package_slug": "nuget/libxml2",
          "pubdate": "2018-08-28",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Use After Free",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-15412"
          ],
          "uuid": "b349ada1-665e-497a-b7e6-42f6e68e3fc5"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "63.0.3239.84",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "2.9.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2017-15412"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://crbug.com/727039",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://crbug.com/727039"
            },
            {
              "name": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html",
              "refsource": "MISC",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html"
            },
            {
              "name": "https://bugzilla.gnome.org/show_bug.cgi?id=783160",
              "refsource": "MISC",
              "tags": [
                "Issue Tracking",
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "https://bugzilla.gnome.org/show_bug.cgi?id=783160"
            },
            {
              "name": "DSA-4086",
              "refsource": "DEBIAN",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.debian.org/security/2018/dsa-4086"
            },
            {
              "name": "GLSA-201801-03",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/201801-03"
            },
            {
              "name": "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html"
            },
            {
              "name": "RHSA-2018:0287",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0287"
            },
            {
              "name": "RHSA-2017:3401",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2017:3401"
            },
            {
              "name": "1040348",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1040348"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2018-10-25T11:35Z",
      "publishedDate": "2018-08-28T19:29Z"
    }
  }
}

