Open mend-for-github-com[bot] opened 3 years ago
CVE-2019-19956 - High Severity Vulnerability
Vulnerable Library - https://source.codeaurora.org/quic/la/platform/external/libxml2/LA.UM.6.6.c27-04000-89xx.0
Library home page: https://source.codeaurora.org/quic/la/platform/external/libxml2/
Found in HEAD commit: ebbe518de6103063656cb8a1c3d1040aacb09826
Found in base branch: main
Vulnerable Source Files (1)
dvna/node_modules/libxmljs/vendor/libxml/parser.c
Vulnerability Details
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
Publish Date: 2019-12-24
URL: CVE-2019-19956
CVSS 3 Score Details (7.5)
Base Score Metrics:
- Exploitability Metrics:
  - Attack Vector: Network
  - Attack Complexity: Low
  - Privileges Required: None
  - User Interaction: None
  - Scope: Unchanged
- Impact Metrics:
  - Confidentiality Impact: None
  - Integrity Impact: None
  - Availability Impact: High
Suggested Fix
Type: Change files
Origin: https://github.com/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549
Release Date: 2019-08-26
Fix Resolution: Replace or update the following file: parser.c