CVE-2020-24977 vulnerability in NetApp and Other Products
Published on September 4, 2020

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

Github Repository Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2020-24977

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-24977 are published in these products:

NetApp Active Iq Unified Manager

NetApp Clustered Data Ontap

NetApp Clustered Data Ontap Antivirus Connector

NetApp Snapdrive

Xmlsoft Libxml2

Debian Linux

Fedora Project Fedora

OpenSuse Leap

Canonical Ubuntu Linux

NetApp Inventory Collect Tool

NetApp Manageability Software Development Kit

Oracle Enterprise Manager Ops Center

Oracle Mysql Workbench

Oracle Real User Experience Insight

Oracle Http Server

Oracle Peoplesoft Enterprise Peopletools

Oracle Enterprise Manager Base Platform

Oracle Communications Cloud Native Core Network Function Cloud Native Environment

Vulnerable Packages

The following package name and versions may be associated with CVE-2020-24977

Package Manager	Vulnerable Package	Versions	Fixed In
rubygems	nokogiri	< 1.11.4	1.11.4

Exploit Probability

EPSS

0.50%

Percentile

65.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-24977 vulnerability in NetApp and Other ProductsPublished on September 4, 2020

Products Associated with CVE-2020-24977

Vulnerable Packages

Exploit Probability

CVE-2020-24977 vulnerability in NetApp and Other Products
Published on September 4, 2020