MGASA-2020-0101

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2019-20388 CVE-2020-7595

Published: 24 Feb 2020, 21:44

Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

24 Feb 2020, 21:44

Published

Vulnerability first disclosed

16 Apr 2026, 04:26

Last Modified

Vulnerability information updated

Description

Updated libxml2_2 packages fix security vulnerabilities Updated libxml2 packages fix security vulnerabilities: xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak (CVE-2019-20388). xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation (CVE-2020-7595).

Affected Systems

mageia•libxml2
< 2.9.9-2.3.mga7

References (3)

https://advisories.mageia.org/MGASA-2020-0101.html
https://bugs.mageia.org/show_bug.cgi?id=26222
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/