Participants
PG Bug reporting form
PG Bug reporting form
Tom Lane
Tom Lane
Attachments
Show all attachments
Thread Outline
#1PG Bug reporting formPG Bug reporting form
Dec 28, 2020
#2Tom LaneTom Laneto PG Bug reporting form (#1)
Dec 28, 2020

BUG #16793: Libxml2 contains a null pointer dereference flaw in xpath.c

Started by PG Bug reporting formover 5 years ago2 messagesbugs
Jump to latest
#1PG Bug reporting form
PG Bug reporting form
noreply@postgresql.org

The following bug has been logged on the website:

Bug reference: 16793
Logged by: Srinivas Gowda
Email address: srinivasg@jfrog.com
PostgreSQL version: 12.5
Operating system: docker image alpine
Description:

Libxml2 contains a null pointer dereference flaw in xpath.c that is
triggered when handling errors for xpointer expressions. this may allow a
context-dependent attacker to crash a process linked against the library.

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: PG Bug reporting form (#1)
Re: BUG #16793: Libxml2 contains a null pointer dereference flaw in xpath.c

PG Bug reporting form <noreply@postgresql.org> writes:

Libxml2 contains a null pointer dereference flaw in xpath.c that is
triggered when handling errors for xpointer expressions. this may allow a
context-dependent attacker to crash a process linked against the library.

Why are you reporting this here, and not to the libxml2 authors?
There's nothing we can do about it.

regards, tom lane

← Back to Topics