Chiencc / asuswrt-gt-ac5300

mlvv1.2.1: 41 vulnerabilities (highest severity is: 9.8) #25

Open mend-for-github-com[bot] opened 1 year ago

mend-for-github-com[bot] commented 1 year ago
Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Vulnerable Source Files (3)

/release/src/router/libxml2/encoding.c /release/src/router/libxml2/encoding.c /release/src/router/libxml2/encoding.c

Vulnerabilities

| CVE | Severity | CVSS | Dependency | Type | Fixed in (mlvv1.2.1 version) | Remediation Possible** |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2016-4658 | Critical | 9.8 | mlvv1.2.1 | Direct | v2.9.5-rc1 | |
| CVE-2017-7376 | Critical | 9.8 | mlvv1.2.1 | Direct | libxml2-2.9.4-r3 | |
| CVE-2016-4448 | Critical | 9.8 | detected in multiple dependencies | Direct | v2.9.4 | |
| CVE-2015-8710 | Critical | 9.8 | mlvv1.2.1 | Direct | v2.9.3 | |
| CVE-2016-5131 | High | 8.8 | detected in multiple dependencies | Direct | v2.9.5-rc1 | |
| CVE-2017-15412 | High | 8.8 | mlvv1.2.1 | Direct | 2.9.6 | |
| CVE-2018-9466 | High | 8.8 | detected in multiple dependencies | Direct | android-9.0.0_r5,android-8.1.0_r45,v2.9.8-rc1 | |
| CVE-2021-3518 | High | 8.8 | mlvv1.2.1 | Direct | libxml2-debuginfo - 2.9.7-9,2.9.7-9;libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;python3-libxml2-debuginfo - 2.9.7-9,2.9.7-9;python3-libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-devel - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-debugsource - 2.9.7-9,2.9.7-9 | |
| CVE-2017-5130 | High | 8.8 | mlvv1.2.1 | Direct | v2.9.5-rc1 | |
| CVE-2021-3517 | High | 8.6 | mlvv1.2.1 | Direct | libxml2-debugsource - 2.9.7-9,2.9.7-9;libxml2-debuginfo - 2.9.7-9,2.9.7-9;libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;python3-libxml2-debuginfo - 2.9.7-9,2.9.7-9;python3-libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-devel - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9 | |
| CVE-2011-0216 | High | 8.1 | mlvv1.2.1 | Direct | v2.8.0-rc1 | |
| CVE-2011-1944 | High | 8.1 | mlvv1.2.1 | Direct | v2.8.0-rc1 | |
| CVE-2016-1840 | High | 7.8 | mlvv1.2.1 | Direct | v2.9.4 | |
| CVE-2016-1834 | High | 7.8 | mlvv1.2.1 | Direct | v2.9.4 | |
| CVE-2021-3516 | High | 7.8 | mlvv1.2.1 | Direct | libxml2-debugsource - 2.9.7-9,2.9.7-9;libxml2-debuginfo - 2.9.7-9,2.9.7-9;libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;python3-libxml2-debuginfo - 2.9.7-9,2.9.7-9;python3-libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-devel - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9 | |
| CVE-2015-8806 | High | 7.5 | detected in multiple dependencies | Direct | 2.9.4 | |
| CVE-2019-20388 | High | 7.5 | mlvv1.2.1 | Direct | libxml2-python - 2.9.1-6,2.9.1-6,2.9.1-6;libxml2-debugsource - 2.9.7-8,2.9.7-8;libxml2-static - 2.9.1-6,2.9.1-6,2.9.1-6,2.9.1-6,2.9.1-6;libxml2-debuginfo - 2.9.1-6,2.9.1-6,2.9.7-8,2.9.7-8;libxml2 - 2.9.1-6,2.9.7-8,2.9.1-6,2.9.7-8,2.9.1-6,2.9.1-6,2.9.1-6,2.9.7-8,2.9.7-8,2.9.7-8,2.9.7-8,2.9.1-6;python3-libxml2-debuginfo - 2.9.7-8,2.9.7-8;python3-libxml2 - 2.9.7-8,2.9.7-8,2.9.7-8,2.9.7-8;libxml2-devel - 2.9.1-6,2.9.1-6,2.9.7-8,2.9.1-6,2.9.7-8,2.9.7-8,2.9.1-6,2.9.7-8,2.9.1-6,2.9.7-8 | |
| CVE-2016-3627 | High | 7.5 | mlvv1.2.1 | Direct | v2.9.4 | |
| CVE-2017-9047 | High | 7.5 | mlvv1.2.1 | Direct | 2.9.5 | |
| CVE-2017-9048 | High | 7.5 | mlvv1.2.1 | Direct | 2.9.5 | |
| CVE-2018-14404 | High | 7.5 | mlvv1.2.1 | Direct | nokogiri- 2.9.5, libxml2 - 2.9.9 | |
| CVE-2022-23308 | High | 7.5 | mlvv1.2.1 | Direct | v2.9.13 | |
| CVE-2016-4483 | High | 7.5 | mlvv1.2.1 | Direct | v2.9.4 | |
| CVE-2010-4494 | High | 7.3 | mlvv1.2.1 | Direct | 9.0.589.0 | |
| CVE-2013-1969 | High | 7.3 | mlvv1.2.1 | Direct | libxml2-utils - 2.9.0+dfsg1-4ubuntu4.1;libxml2-udeb - 2.9.0+dfsg1-4ubuntu4.1;python2.3-libxml2 - 2.9.0+dfsg1-4ubuntu4.1;libxml2-utils-dbg - 2.9.0+dfsg1-4ubuntu4.1;libxml2 - 2.9.0+dfsg1-4ubuntu4.1;libxml2-dbg - 2.9.0+dfsg1-4ubuntu4.1;libxml2-dev - 2.9.0+dfsg1-4ubuntu4.1;libxml2-doc - 2.9.0+dfsg1-4ubuntu4.1;python2.4-libxml2 - 2.9.0+dfsg1-4ubuntu4.1;python-libxml2-dbg - 2.9.0+dfsg1-4ubuntu4.1;libxml2-python2.3 - 2.9.0+dfsg1-4ubuntu4.1;libxml2-python2.4 - 2.9.0+dfsg1-4ubuntu4.1;python-libxml2 - 2.9.0+dfsg1-4ubuntu4.1 | |
| CVE-2011-2821 | High | 7.3 | mlvv1.2.1 | Direct | 13.0.782.215 | |
| CVE-2022-29824 | Medium | 6.5 | mlvv1.2.1 | Direct | v2.9.14 | |
| CVE-2023-28484 | Medium | 6.5 | mlvv1.2.1 | Direct | v2.10.4 | |
| CVE-2020-24977 | Medium | 6.5 | mlvv1.2.1 | Direct | 2.9.10-7 | |
| CVE-2023-29469 | Medium | 6.5 | mlvv1.2.1 | Direct | v2.10.4 | |
| CVE-2011-3102 | Medium | 5.6 | mlvv1.2.1 | Direct | 20.0.1126.0 | |
| CVE-2013-0339 | Medium | 5.6 | detected in multiple dependencies | Direct | v2.9.1 | |
| CVE-2012-2871 | Medium | 5.6 | mlvv1.2.1 | Direct | 22.0.1226.0 | |
| CVE-2012-2807 | Medium | 5.6 | mlvv1.2.1 | Direct | 21.0.1180.0 | |
| CVE-2016-1839 | Medium | 5.5 | mlvv1.2.1 | Direct | v2.9.4 | |
| CVE-2015-1819 | Medium | 5.3 | mlvv1.2.1 | Direct | 2.9.4-r1 | |
| CVE-2012-0841 | Medium | 5.3 | detected in multiple dependencies | Direct | 2.8.0 | |
| CVE-2015-7497 | Medium | 5.3 | mlvv1.2.1 | Direct | 2.9.3 | |
| CVE-2013-2877 | Medium | 5.3 | mlvv1.2.1 | Direct | 28.0.1491.0 | |
| CVE-2015-8242 | Medium | 4.8 | mlvv1.2.1 | Direct | 2.9.3 | |
| CVE-2013-0338 | Low | 3.7 | detected in multiple dependencies | Direct | libxml2-python - 2.7.6-12,2.7.6-12;libxml2-static - 2.7.6-12,2.7.6-12;libxml2-debuginfo - 2.7.6-12,2.7.6-12;libxml2 - 2.7.6-12,2.7.6-12,2.7.6-12,2.7.6-12;libxml2-devel - 2.7.6-12,2.7.6-12 | |

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

Partial details (24 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.

CVE-2016-4658

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xpointer.c /release/src/router/libxml2/xpointer.c /release/src/router/libxml2/xpointer.c

### Vulnerability Details

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

Publish Date: 2016-09-25

URL: CVE-2016-4658

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4658

Release Date: 2016-09-25

Fix Resolution: v2.9.5-rc1

CVE-2017-7376

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/nanohttp.c /release/src/router/libxml2/nanohttp.c /release/src/router/libxml2/nanohttp.c

### Vulnerability Details

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.

Publish Date: 2018-02-19

URL: CVE-2017-7376

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://www.securityfocus.com/bid/98877

Release Date: 2018-02-19

Fix Resolution: libxml2-2.9.4-r3

CVE-2016-4448

### Vulnerable Libraries - mlvv1.2.1, mlvv1.2.1, mlvv1.2.1

### Vulnerability Details

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

Publish Date: 2016-06-09

URL: CVE-2016-4448

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4448

Release Date: 2016-06-09

Fix Resolution: v2.9.4

CVE-2015-8710

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/HTMLparser.c /release/src/router/libxml2/HTMLparser.c /release/src/router/libxml2/HTMLparser.c

### Vulnerability Details

The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.

Publish Date: 2016-04-11

URL: CVE-2015-8710

### CVSS 3 Score Details (9.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8710

Release Date: 2016-04-11

Fix Resolution: v2.9.3

CVE-2016-5131

### Vulnerable Libraries - mlvv1.2.1, mlvv1.2.1

### Vulnerability Details

Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.

Publish Date: 2016-07-23

URL: CVE-2016-5131

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2016-07-23

Fix Resolution: v2.9.5-rc1

CVE-2017-15412

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c

### Vulnerability Details

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Publish Date: 2018-08-28

URL: CVE-2017-15412

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://gitlab.gnome.org/GNOME/libxml2/-/commit/0f3b843b3534784ef57a4f9b874238aa1fda5a73

Release Date: 2018-08-28

Fix Resolution: 2.9.6

CVE-2018-9466

### Vulnerable Libraries - mlvv1.2.1, mlvv1.2.1, mlvv1.2.1, mlvv1.2.1

### Vulnerability Details

A Remote Code Execution was discovered in libxml2 before version 2.9.8.

Publish Date: 2019-01-01

URL: CVE-2018-9466

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2019-06-16

Fix Resolution: android-9.0.0_r5,android-8.1.0_r45,v2.9.8-rc1

CVE-2021-3518

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xinclude.c /release/src/router/libxml2/xinclude.c /release/src/router/libxml2/xinclude.c

### Vulnerability Details

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

Publish Date: 2021-05-18

URL: CVE-2021-3518

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3518

Release Date: 2021-05-18

Fix Resolution: libxml2-debuginfo - 2.9.7-9,2.9.7-9;libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;python3-libxml2-debuginfo - 2.9.7-9,2.9.7-9;python3-libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-devel - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-debugsource - 2.9.7-9,2.9.7-9

CVE-2017-5130

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xmlmemory.c /release/src/router/libxml2/xmlmemory.c /release/src/router/libxml2/xmlmemory.c

### Vulnerability Details

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.

Publish Date: 2018-02-07

URL: CVE-2017-5130

### CVSS 3 Score Details (8.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2018-02-07

Fix Resolution: v2.9.5-rc1

CVE-2021-3517

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

/release/src/router/libxml2/entities.c /release/src/router/libxml2/entities.c

### Vulnerability Details

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.

Publish Date: 2021-05-19

URL: CVE-2021-3517

### CVSS 3 Score Details (8.6)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3517

Release Date: 2021-05-19

Fix Resolution: libxml2-debugsource - 2.9.7-9,2.9.7-9;libxml2-debuginfo - 2.9.7-9,2.9.7-9;libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;python3-libxml2-debuginfo - 2.9.7-9,2.9.7-9;python3-libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-devel - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9

CVE-2011-0216

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/encoding.c /release/src/router/libxml2/encoding.c /release/src/router/libxml2/encoding.c

### Vulnerability Details

Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.

Publish Date: 2011-07-21

URL: CVE-2011-0216

### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0216

Release Date: 2011-07-21

Fix Resolution: v2.8.0-rc1

CVE-2011-1944

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c

### Vulnerability Details

Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.

Publish Date: 2011-09-02

URL: CVE-2011-1944

### CVSS 3 Score Details (8.1)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: High
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2011-09-02

Fix Resolution: v2.8.0-rc1

CVE-2016-1840

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xmlregexp.c /release/src/router/libxml2/xmlregexp.c /release/src/router/libxml2/xmlregexp.c

### Vulnerability Details

Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Publish Date: 2016-05-20

URL: CVE-2016-1840

### CVSS 3 Score Details (7.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2016-05-20

Fix Resolution: v2.9.4

CVE-2016-1834

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xmlstring.c /release/src/router/libxml2/xmlstring.c /release/src/router/libxml2/xmlstring.c

### Vulnerability Details

Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted XML document.

Publish Date: 2016-05-20

URL: CVE-2016-1834

### CVSS 3 Score Details (7.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://git.gnome.org/browse/libxml2/commit/?id=8fbbf5513d609c1770b391b99e33314cd0742704

Release Date: 2016-05-20

Fix Resolution: v2.9.4

CVE-2021-3516

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

/release/src/router/libxml2/xmllint.c /release/src/router/libxml2/xmllint.c

### Vulnerability Details

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

Publish Date: 2021-06-01

URL: CVE-2021-3516

### CVSS 3 Score Details (7.8)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Local
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: Required
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: High
  - Integrity Impact: High
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2021-3516

Release Date: 2021-06-01

Fix Resolution: libxml2-debugsource - 2.9.7-9,2.9.7-9;libxml2-debuginfo - 2.9.7-9,2.9.7-9;libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;python3-libxml2-debuginfo - 2.9.7-9,2.9.7-9;python3-libxml2 - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9;libxml2-devel - 2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9,2.9.7-9

CVE-2015-8806

### Vulnerable Libraries - mlvv1.2.1, mlvv1.2.1

### Vulnerability Details

dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via an unexpected character immediately after the "

Publish Date: 2016-04-13

URL: CVE-2015-8806

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://security.gentoo.org/glsa/201701-37

Release Date: 2016-04-13

Fix Resolution: 2.9.4

CVE-2019-20388

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (2)

/release/src/router/libxml2/xmlschemas.c /release/src/router/libxml2/xmlschemas.c

### Vulnerability Details

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

Publish Date: 2020-01-21

URL: CVE-2019-20388

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://nvd.nist.gov/vuln/detail/CVE-2019-20388

Release Date: 2020-01-21

Fix Resolution: libxml2-python - 2.9.1-6,2.9.1-6,2.9.1-6;libxml2-debugsource - 2.9.7-8,2.9.7-8;libxml2-static - 2.9.1-6,2.9.1-6,2.9.1-6,2.9.1-6,2.9.1-6;libxml2-debuginfo - 2.9.1-6,2.9.1-6,2.9.7-8,2.9.7-8;libxml2 - 2.9.1-6,2.9.7-8,2.9.1-6,2.9.7-8,2.9.1-6,2.9.1-6,2.9.1-6,2.9.7-8,2.9.7-8,2.9.7-8,2.9.7-8,2.9.1-6;python3-libxml2-debuginfo - 2.9.7-8,2.9.7-8;python3-libxml2 - 2.9.7-8,2.9.7-8,2.9.7-8,2.9.7-8;libxml2-devel - 2.9.1-6,2.9.1-6,2.9.7-8,2.9.1-6,2.9.7-8,2.9.7-8,2.9.1-6,2.9.7-8,2.9.1-6,2.9.7-8

CVE-2016-3627

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

### Vulnerability Details

The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service (infinite recursion, stack consumption, and application crash) via a crafted XML document.

Publish Date: 2016-05-17

URL: CVE-2016-3627

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3627

Release Date: 2016-05-17

Fix Resolution: v2.9.4

CVE-2017-9047

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/valid.c /release/src/router/libxml2/valid.c /release/src/router/libxml2/valid.c

### Vulnerability Details

A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.

Publish Date: 2017-05-18

URL: CVE-2017-9047

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047

Release Date: 2017-05-18

Fix Resolution: 2.9.5

CVE-2017-9048

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/valid.c /release/src/router/libxml2/valid.c /release/src/router/libxml2/valid.c

### Vulnerability Details

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.

Publish Date: 2017-05-18

URL: CVE-2017-9048

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9047

Release Date: 2017-05-18

Fix Resolution: 2.9.5

CVE-2018-14404

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c

### Vulnerability Details

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.

Publish Date: 2018-07-19

URL: CVE-2018-14404

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Release Date: 2018-07-19

Fix Resolution: nokogiri- 2.9.5, libxml2 - 2.9.9

CVE-2022-23308

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/valid.c /release/src/router/libxml2/valid.c /release/src/router/libxml2/valid.c

### Vulnerability Details

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

Publish Date: 2022-02-26

URL: CVE-2022-23308

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High

For more information on CVSS3 Scores, click here.

### Suggested Fix

Type: Upgrade version

Origin: https://mail.gnome.org/archives/xml/2022-February/msg00015.html

Release Date: 2022-02-26

Fix Resolution: v2.9.13

CVE-2016-4483

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (1)

/release/src/router/libxml2/xmlsave.c

### Vulnerability Details

The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a non-UTF-8 attribute value, related to serialization. NOTE: this vulnerability may be a duplicate of CVE-2016-3627.

Publish Date: 2017-04-11

URL: CVE-2016-4483

### CVSS 3 Score Details (7.5)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High


### Suggested Fix

Type: Upgrade version

Origin: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4483

Release Date: 2017-04-11

Fix Resolution: v2.9.4

CVE-2010-4494

### Vulnerable Library - mlvv1.2.1

MLV Library

Library home page: https://git.savannah.gnu.org/git/mlv.git

Found in HEAD commit: 0c45ce909374d16605095db4fce9a89b9b6bafd5

Found in base branch: master

### Vulnerable Source Files (3)

/release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c /release/src/router/libxml2/xpath.c

### Vulnerability Details

Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.

Publish Date: 2010-12-07

URL: CVE-2010-4494

### CVSS 3 Score Details (7.3)

Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: Low
  - Integrity Impact: Low
  - Availability Impact: Low


### Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4494

Release Date: 2010-12-07

Fix Resolution: 9.0.589.0

mend-for-github-com[bot] commented 1 year ago

:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.

mend-for-github-com[bot] commented 1 year ago

:information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
