CVE-2024-34393

libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop...

EUVD-2024-1484

Malicious code in bioql PyPI...

EUVD-2024-1690

Malicious code in bioql PyPI...

CVE-2024-34394

libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes XmlNode::getlocalnamespaces on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code...

@128technology/ply (>=1.0.0-alpha.0 <=1.0.0-alpha.7), @128technology/yinz (=5.0.0-alpha.6) +100 more potentially affected by CVE-2024-34394 via libxmljs2 (>=0.21.7 <=0.35.0)

libxmljs2 NPM version =0.21.7, =1.0.0-alpha.0, =5.0.0, =1.2.0, =2.4.0, =1.0.0, =1.14.0, =1.0.0, =3.0.0, =0.0.1-beta, =6.0.0, =6.0.0, =11.0.0, =23.14.1-alpha.0 and more Source cves: CVE-2024-34394 Source advisory: OSV:GHSA-78H3-PG4X-J8CV...

PT-2024-25854 · Libxmljs2 · Libxmljs2

Name of the Vulnerable Software and Affected Versions: libxmljs2 affected versions not specified Description: The issue is related to a type confusion vulnerability that occurs when parsing a specially crafted XML. This happens while invoking a function on the result of attrs that was called on a...