Amazon Linux AMI : libxml2 (ALAS-2018-1072)
Medium Nessus Plugin ID 117344
Synopsis
The remote Amazon Linux AMI host is missing a security update.
Description
A NULL pointer dereference vulnerability exists in the
xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid
XPath expression. Applications processing untrusted XSL format inputs
with the use of libxml2 library may be vulnerable to denial of service
attack due to crash of the application.(CVE-2018-14404)
Solution
Run 'yum update libxml2' to update your system.