Your submission was sent successfully! Close

CVE-2016-9597

Published: 30 July 2018

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.

Notes

AuthorNote
mdeslaur
Red Hat bug states this CVE is for a Red Hat specific regression
that duplicated other public CVEs
"missing/incorrect fix for CVE-2016-3705 in the Red Hat JBoss
Core Services."
Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
libxml2
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Not vulnerable

upstream Needs triage

xenial Not vulnerable

yakkety Not vulnerable