Home

CVE-2019-20388

Description

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.562

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Security Guardium 10.5Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 10.6Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.3Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0Windows
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.i686.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.x86_64.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.i686.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.x86_64.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-python-2.9.1-6.el7.5.x86_64.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.i686.rpmLinux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.x86_64.rpmLinux
GNOME XML library (USN-4991-1) libxml2_2.9.10+dfsg-6.3ubuntu0.1_i386.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.10+dfsg-6.3ubuntu0.1_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.4+dfsg1-6.1ubuntu1.4_i386.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.4+dfsg1-6.1ubuntu1.4_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.10+dfsg-5ubuntu0.20.04.1_i386.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.10+dfsg-5ubuntu0.20.04.1_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.10+dfsg-5ubuntu0.20.10.2_i386.debLinux
GNOME XML library (USN-4991-1) libxml2_2.9.10+dfsg-5ubuntu0.20.10.2_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.10+dfsg-6.3ubuntu0.1_i386.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.10+dfsg-6.3ubuntu0.1_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.4_i386.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.4_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.1_i386.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.10+dfsg-5ubuntu0.20.04.1_amd64.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.10+dfsg-5ubuntu0.20.10.2_i386.debLinux
GNOME XML library (USN-4991-1) libxml2-utils_2.9.10+dfsg-5ubuntu0.20.10.2_amd64.debLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-python-2.9.1-6.el7.5.x86_64.rpmLinux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.x86_64.rpmLinux
Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2019-20388)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234