View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-1839 severity moderate: SUSE including 137 source package names (0.9.1:libxml2-2-2.9.4-36.1, 1.0.0:libxml2-2-2.9.4-36.1, …), 271 product×package rows across 96 product lines (Container caasp/v4/default-http-backend, Container caasp/v4/dnsmasq-nanny, … (96 product lines)): Fixed 271.
The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.