4.3
CVSSv2

CVE-2018-14567

Published: 16/08/2018 Updated: 12/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

libxml2 2.9.8, if --with-lzma is used, allows remote malicious users to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.

Vulnerability Trend

Affected Products

Vendor Product Versions
XmlsoftLibxml22.9.8
CanonicalUbuntu Linux14.04, 16.04, 18.04
DebianDebian Linux8.0

Github Repositories

TrivyWeb A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI for Web TOC Installation RHEL/CentOS Debian/Ubuntu Mac OS X / Homebrew Binary (Including Windows) From source Examples Scan an image Scan an image file Save the results as JSON Filter the vulnerabilities by severities Filter the vulnerabilities by type Skip an update of vulnerability

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI Accuracy Comparison The number of vulnerabilities detected on Alpine Linux (as of 2019/05/12) See Comparison with other scanners for details TOC Abstract Features Installation RHEL/CentOS Debian/Ubuntu Mac OS X / Homebrew Binary (Including Windows) From source Quick Start Basic Docker E

A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI TOC Abstract Features Installation RHEL/CentOS Debian/Ubuntu Arch Linux Mac OS X / Homebrew Binary (Including Windows) From source Quick Start Basic Docker Examples Scan an image Scan an image file Save the results as JSON Filter the vulnerabilities by severities Filter the vulnerabiliti

Scan Docker Image This script purpose is to scan Docker images for vulnerabilities Get a token: microscanneraquaseccom/signup Usage: SCANNER_TOKEN=<TOKEN> SCANNER_IMAGE=jboss/keycloak:601 /docker-scansh --silent Sample output: { "scan_started": { "seconds": 1563490473, "nanos": 733846066 }, "scan_dura