MGASA-2014-0214

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-0191

Published: 10 May 2014, 19:46

Last modified:16 Apr 2026, 06:25

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

10 May 2014, 19:46

Published

Vulnerability first disclosed

16 Apr 2026, 06:25

Last Modified

Vulnerability information updated

Description

Updated libxml2 packages fix CVE-2014-0191 Updated libxml2 packages fix security vulnerability: It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially-crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors (CVE-2014-0191).

Affected Systems

mageia•libxml2
< 2.9.0-5.3.mga3
mageia•libxml2
< 2.9.1-2.1.mga4

MGASA-2014-0214

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)