Show plain JSON{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-07-19T00:00:00", "descriptions": [{"lang": "en", "value": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-10T00:06:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10"}, {"name": "USN-3739-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3739-1/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817"}, {"name": "USN-3739-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3739-2/"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985"}, {"name": "RHSA-2019:1543", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1543"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190719-0002/"}, {"name": "[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-14404", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"}, {"name": "https://gitlab.gnome.org/GNOME/libxml2/issues/10", "refsource": "MISC", "url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10"}, {"name": "USN-3739-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3739-1/"}, {"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817", "refsource": "MISC", "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817"}, {"name": "USN-3739-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3739-2/"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985"}, {"name": "RHSA-2019:1543", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1543"}, {"name": "https://security.netapp.com/advisory/ntap-20190719-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190719-0002/"}, {"name": "[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:29:51.525Z"}, "title": "CVE Program Container", "references": [{"name": "[debian-lts-announce] 20180927 [SECURITY] [DLA 1524-1] libxml2 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00035.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.gnome.org/GNOME/libxml2/issues/10"}, {"name": "USN-3739-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3739-1/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901817"}, {"name": "USN-3739-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3739-2/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1595985"}, {"name": "RHSA-2019:1543", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1543"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190719-0002/"}, {"name": "[debian-lts-announce] 20200909 [SECURITY] [DLA 2369-1] libxml2 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-14404", "datePublished": "2018-07-19T13:00:00", "dateReserved": "2018-07-19T00:00:00", "dateUpdated": "2024-08-05T09:29:51.525Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}