Denial of Service Vulnerability in libxml2 2.9.8 with --with-lzma

Denial of Service Vulnerability in libxml2 2.9.8 with --with-lzma

CVE-2018-14567 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

Learn more about our Web Application Penetration Testing UK.