Description

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

Remediation

References

CVE-2020-24977

Related Vulnerabilities

PostgreSQL Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2005-0227)

WordPress Plugin Companion Sitemap Generator Cross-Site Request Forgery (3.6.6)

WordPress Plugin Image Hover Effects Ultimate (Image Gallery, Effects, Lightbox, Comparison or Magnifier) Multiple Cross-Site Scripting Vulnerabilities (9.7.3)

WordPress Plugin ND Shortcodes For Visual Composer Security Bypass (5.8)

WordPress Plugin Premium SEO Pack Multiple Vulnerabilities (1.8.0)

Severity

Medium

Classification

CVE-2020-24977 CWE-125 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

Tags

Missing Update Known Vulnerabilities