CVE-2019-19956
Description
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
Related CPE's
References
PatchThird Party Advisory
Mailing ListThird Party Advisory
Third Party Advisory
Third Party Advisory
Third Party Advisory
Third Party Advisory
Broken Link
Broken Link
Third Party Advisory
Mailing ListThird Party Advisory
Third Party Advisory
Third Party AdvisoryUS Government Resource
CvssV3 impact
Version | 3.1 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
AttackVector | NETWORK |
AttackComplexity | LOW |
PrivilegesRequired | NONE |
UserInteraction | NONE |
Scope | UNCHANGED |
ConfidentialityImpact | NONE |
IntegrityImpact | NONE |
AvailabilityImpact | HIGH |
BaseScore | 7.5 |
BaseSeverity | HIGH |
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:L/Au:N/C:N/I:N/A:P |
AccessVector | NETWORK |
AccessComplexity | LOW |
Authentication | NONE |
ConfidentialityImpact | NONE |
IntegrityImpact | NONE |
AvailabilityImpact | PARTIAL |
BaseScore | 5 |