CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-8872

The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.0%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 6.4

References

https://bugzilla.gnome.org/show_bug.cgi?id=775200
https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html
https://bugzilla.gnome.org/show_bug.cgi?id=775200
https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html

Products affected by CVE-2017-8872

Xmlsoft » Libxml2 » Version: 2.9.4

cpe:2.3:a:xmlsoft:libxml2:2.9.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-8872

Products

Pricing

Contact Us