7.7 High
AI Score
Confidence
Low
0.944 High
EPSS
Percentile
99.2%
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.