
CVE-2018-9251

Published: 04/04/2018 Updated: 03/10/2019
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 5.3 | Impact Score: 3.6 | Exploitability Score: 1.6
VMScore: 234
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P

Vulnerability Summary

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote malicious users to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

Vulnerable Product

xmlsoft libxml2 2.9.8

debian debian linux 8.0

Vendor Advisories

Debian Bug report logs - #895245 libxml2: CVE-2017-18258: Set memory limit for LZMA decompression. Package: src:libxml2; Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sun, 8 Apr 2018 19:21:02 UTC; Severity ...
Synopsis: Important: Container-native Virtualization security, bug fix, and enhancement update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Virtualization release 2.4.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Securi ...
Synopsis: Moderate: libxml2 security update. Type/Severity: Security Advisory: Moderate. Topic: An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, wh ...
Synopsis: Moderate: OpenShift Container Platform 4.6.1 image security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability S ...
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 ...
A security issue has been found in libxml2 <= 2.9.8 compiled with LZMA support enabled, in the xz_decomp function in xzlib.c. This flaw allows a remote attacker to cause a denial of service via an infinite loop, using a crafted XML payload that triggers LZMA_MEMLIMIT_ERROR ...