CVE-2020-7595

Description

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

Risk Information

Base Score: 7.5 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score (Exploitation Probability): 0.466

Associated Vulnerability

Vulnerability | OS Platform
Vulnerabilities CVE-2020-7595 are fixed in Ruby-nokogiri 1.10.8 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 10.5 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 10.6 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.1 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.2 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows
Multiple Vulnerabilities are affected in IBM Aspera Shares 1.10.1 | Windows
Multiple Vulnerabilities are affected in IBM Security Guardium 11.0 | Windows
GNOME XML library (USN-4274-1) libxml2_2.9.3+dfsg1-1ubuntu0.7_i386.deb | Linux
GNOME XML library (USN-4274-1) libxml2_2.9.3+dfsg1-1ubuntu0.7_amd64.deb | Linux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-7ubuntu3.1_i386.deb | Linux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-7ubuntu3.1_amd64.deb | Linux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-6.1ubuntu1.3_i386.deb | Linux
GNOME XML library (USN-4274-1) libxml2_2.9.4+dfsg1-6.1ubuntu1.3_amd64.deb | Linux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.7_i386.deb | Linux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.3+dfsg1-1ubuntu0.7_amd64.deb | Linux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-7ubuntu3.1_i386.deb | Linux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-7ubuntu3.1_amd64.deb | Linux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.3_i386.deb | Linux
GNOME XML library (USN-4274-1) libxml2-utils_2.9.4+dfsg1-6.1ubuntu1.3_amd64.deb | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.i686.rpm | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.x86_64.rpm | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.i686.rpm | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.x86_64.rpm | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-python-2.9.1-6.el7.5.x86_64.rpm | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.i686.rpm | Linux
(RHSA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.x86_64.rpm | Linux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-2.9.1-6.el7.5.x86_64.rpm | Linux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-devel-2.9.1-6.el7.5.x86_64.rpm | Linux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-python-2.9.1-6.el7.5.x86_64.rpm | Linux
(CESA-2020:3996) libxml2 security and bug fix update libxml2-static-2.9.1-6.el7.5.x86_64.rpm | Linux
Vulnerabilities CVE-2020-7595 are fixed in Ruby-nokogiri for Linux 1.10.8 | Linux
Loop with Unreachable Exit Condition (Infinite Loop) Vulnerability (CVE-2020-7595) | NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234