MGASA-2014-0418

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-3660

Published: 23 Oct 2014, 13:27

Last modified:16 Apr 2026, 06:24

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

23 Oct 2014, 13:27

Published

Vulnerability first disclosed

16 Apr 2026, 06:24

Last Modified

Vulnerability information updated

Description

Updated libxml2 packages fix security vulnerability A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior (CVE-2014-3660).

Affected Systems

mageia•libxml2
< 2.9.0-5.4.mga3
mageia•libxml2
< 2.9.1-2.2.mga4

MGASA-2014-0418

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)