vulnerability
Amazon Linux AMI 2: CVE-2017-15412: Security patch for libxml2 (ALAS-2020-1466)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Aug 28, 2018 | Jul 23, 2020 | Nov 8, 2023 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Aug 28, 2018
Added
Jul 23, 2020
Modified
Nov 8, 2023
Description
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Solution(s)
amazon-linux-ami-2-upgrade-libxml2amazon-linux-ami-2-upgrade-libxml2-debuginfoamazon-linux-ami-2-upgrade-libxml2-develamazon-linux-ami-2-upgrade-libxml2-pythonamazon-linux-ami-2-upgrade-libxml2-static

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.