2 matches found
3loc (>=0.1.0 <=0.4.0), 3scale (>=0.2.0 <=0.6.2) +657 more potentially affected by CVE-2024-34391 via libxmljs (>=0.10.0 <=1.0.11)
libxmljs NPM version =0.10.0, =0.1.0, =0.2.0, =0.3.2, =0.0.1, =4.0.1, =1.10.4, =1.8.1, =1.5.8, =1.5.1, =1.8.3, =0.1.0, =1.0.1, =1.2.0 and more Source cves: CVE-2024-34391 Source advisory: OSV:GHSA-6433-X5P4-8JC7...
CVE-2024-34391
Summary: CVE-2024-34391 affects libxmljs due to a type confusion when parsing specially crafted XML and calling a function on the result of attrs() on a parsed node. This can lead to severe outcomes including DoS, data leakage, infinite loops, and, on 32-bit systems with XML_PARSE_HUGE, remote co...