{"id":"USN-2834-1","summary":"libxml2 vulnerabilities","details":"Kostya Serebryany discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could possibly cause\nlibxml2 to crash, resulting in a denial of service. (CVE-2015-5312,\nCVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500)\n\nHugh Davenport discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could possibly cause\nlibxml2 to crash, resulting in a denial of service. (CVE-2015-8241,\nCVE-2015-8242)\n\nHanno Boeck discovered that libxml2 incorrectly handled certain\nmalformed documents. If a user or automated system were tricked into\nopening a specially crafted document, an attacker could possibly cause\nlibxml2 to crash, resulting in a denial of service. This issue only applied\nto Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. (CVE-2015-8317)\n","modified":"2026-04-22T09:19:06.169647Z","published":"2015-12-14T12:53:56Z","related":["UBUNTU-CVE-2015-5312","UBUNTU-CVE-2015-7497","UBUNTU-CVE-2015-7498","UBUNTU-CVE-2015-7499","UBUNTU-CVE-2015-7500","UBUNTU-CVE-2015-8241","UBUNTU-CVE-2015-8242","UBUNTU-CVE-2015-8317"],"upstream":["CVE-2015-5312","CVE-2015-7497","CVE-2015-7498","CVE-2015-7499","CVE-2015-7500","CVE-2015-8241","CVE-2015-8242","CVE-2015-8317","UBUNTU-CVE-2015-5312","UBUNTU-CVE-2015-7497","UBUNTU-CVE-2015-7498","UBUNTU-CVE-2015-7499","UBUNTU-CVE-2015-7500","UBUNTU-CVE-2015-8241","UBUNTU-CVE-2015-8242","UBUNTU-CVE-2015-8317"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2834-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-5312"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-7497"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-7498"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-7499"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-7500"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-8241"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-8242"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2015-8317"}],"affected":[{"package":{"name":"libxml2","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/libxml2@2.9.1+dfsg1-3ubuntu4.6?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.9.1+dfsg1-3ubuntu4.6"}]}],"versions":["2.9.1+dfsg1-3ubuntu2","2.9.1+dfsg1-3ubuntu3","2.9.1+dfsg1-3ubuntu4","2.9.1+dfsg1-3ubuntu4.1","2.9.1+dfsg1-3ubuntu4.2","2.9.1+dfsg1-3ubuntu4.3","2.9.1+dfsg1-3ubuntu4.4","2.9.1+dfsg1-3ubuntu4.5"],"ecosystem_specific":{"binaries":[{"binary_name":"libxml2","binary_version":"2.9.1+dfsg1-3ubuntu4.6"},{"binary_name":"libxml2-utils","binary_version":"2.9.1+dfsg1-3ubuntu4.6"},{"binary_name":"python-libxml2","binary_version":"2.9.1+dfsg1-3ubuntu4.6"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:14.04:LTS","cves":[{"severity":[{"score":"low","type":"Ubuntu"}],"id":"CVE-2015-5312"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2015-7497"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2015-7498"},{"severity":[{"score":"low","type":"Ubuntu"}],"id":"CVE-2015-7499"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2015-7500"},{"severity":[{"score":"low","type":"Ubuntu"}],"id":"CVE-2015-8241"},{"severity":[{"score":"low","type":"Ubuntu"}],"id":"CVE-2015-8242"},{"severity":[{"score":"low","type":"Ubuntu"}],"id":"CVE-2015-8317"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2834-1.json"}}],"schema_version":"1.7.5"}