CVE-2024-34459

ADVISORY - nist

Summary

An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.

EPSS Score⁠: 0.00044 (0.111)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-122⁠

Heap-based Buffer Overflow

ADVISORY - redhat

CWE-126⁠

Buffer Over-read

Impacted images

Advisories

NIST

CREATED

6 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-122⁠

CVSS SCORE

7.5high

Alpine

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

6 months ago

UPDATED

30 days ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

5 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

6 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2024-34459⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-126⁠

CVSS SCORE

5.3medium