CVE-2024-34459

ADVISORY - nist

Summary

An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.

EPSS Score⁠: 0.00158 (0.373)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-122⁠

Heap-based Buffer Overflow

ADVISORY - redhat

CWE-126⁠

Buffer Over-read

Impacted images

Advisories

NIST

CREATED

1 year ago

UPDATED

9 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-122⁠

CVSS SCORE

7.5high

Alpine

CREATED

1 year ago

UPDATED

4 days ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 year ago

UPDATED

9 days ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

1 year ago

UPDATED

5 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Amazon

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDALAS2-2024-2717⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDALAS2023-2024-783⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

1 year ago

UPDATED

5 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-126⁠

CVSS SCORE

5.5low