Home

CVE-2019-19956

Description

xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.154

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 10.5Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 10.6Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.3Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
GNOME XML library (USN-4274-1) libxml2_2.9.3+dfsg1-1ubuntu0.7_i386.debLinux
GNOME XML library (USN-4274-1) libxml2_2.9.3+dfsg1-1ubuntu0.7_amd64.debLinux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-7ubuntu3.1_i386.debLinux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-7ubuntu3.1_amd64.debLinux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-6.1ubuntu1.3_i386.debLinux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-6.1ubuntu1.3_amd64.debLinux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.7_i386.debLinux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.7_amd64.debLinux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-7ubuntu3.1_i386.debLinux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-7ubuntu3.1_amd64.debLinux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.3_i386.debLinux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.3_amd64.debLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.i686.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.x86_64.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.i686.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.x86_64.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-python-2.9.1-6.el7.5.x86_64.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.i686.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-python-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.x86_64.rpmLinux
Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2019-19956)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234