Total vulnerabilities in the database
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
| Software | From | Fixed in |
|---|---|---|
| debian / debian_linux | 8.0 | 8.0.x |
| debian / debian_linux | 7.0 | 7.0.x |
| xmlsoft / libxml2 | 2.9.1 | 2.9.1.x |
| apple / watchos | - | 2.1.x |
| apple / iphone_os | - | 9.2.1.x |
| apple / mac_os_x | - | 10.11.3.x |
| apple / tvos | - | 9.1.x |
| canonical / ubuntu_linux | 14.04 | 14.04.x |