参照: Official alpine advisory, NVD, CVE.org · CVE 詳細
Freshness: no update timestamp found; verify against the upstream OS advisory manually.
CVE-2017-8872: 1 source package rows (libxml2); 15 state rows across 5 repos (3.19-main, 3.20-main, 3.21-main, 3.22-main, edge-main); fixed 0, open 15.
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.