EUVD-2024-1447

Malicious code in bioql PyPI...

Type Confusion

libxmljs is vulnerable to Type Confusion. The vulnerability is caused by parsing a specially crafted XML documented due to invoking the namespaces function on a grand-child node that refers to an entity. This allows an attacker to execute arbitrary code, or cause Denial of Service DoS...

Type Confusion

libxmljs is vulnerable to Type Confusion. The vulnerability is due to parsing a specially crafted XML document and invoking a function on the result of attrs that was called on a parsed node. This issue may lead to Denial of Service DoS, data exfiltration or Remote Code Execution RCE...

libxmljs vulnerable to type confusion when parsing specially crafted XML

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...

3loc (>=0.1.0 <=0.4.0), 3scale (>=0.2.0 <=0.6.2) +657 more potentially affected by CVE-2024-34392 via libxmljs (>=0.10.0 <=1.0.11)

libxmljs NPM version =0.10.0, =0.1.0, =0.2.0, =0.3.2, =0.0.1, =4.0.1, =1.10.4, =1.8.1, =1.5.8, =1.5.1, =1.8.3, =0.1.0, =1.0.1, =1.2.0 and more Source cves: CVE-2024-34392 Source advisory: OSV:GHSA-MG49-JQGW-GCJ6...

3loc (>=0.1.0 <=0.4.0), 3scale (>=0.2.0 <=0.6.2) +657 more potentially affected by CVE-2024-34391 via libxmljs (>=0.10.0 <=1.0.11)

libxmljs NPM version =0.10.0, =0.1.0, =0.2.0, =0.3.2, =0.0.1, =4.0.1, =1.10.4, =1.8.1, =1.5.8, =1.5.1, =1.8.3, =0.1.0, =1.0.1, =1.2.0 and more Source cves: CVE-2024-34391 Source advisory: OSV:GHSA-6433-X5P4-8JC7...

GHSA-6433-X5P4-8JC7 libxmljs vulnerable to type confusion when parsing specially crafted XML

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

GHSA-MG49-JQGW-GCJ6 libxmljs vulnerable to type confusion when parsing specially crafted XML

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...

libxmljs vulnerable to type confusion when parsing specially crafted XML

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

CVE-2024-34392

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...

CVE-2024-34391

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

CVE-2024-34391

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

CVE-2024-34392

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...

CVE-2024-34392 libxmljs namespaces type confusion RCE

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...

CVE-2024-34392

CVE-2024-34392 : The libxmljs library (Node.js bindings) is affected by a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which calls _wrap__xmlNode_nsDef_get()) on a grand-child of a node that refers to an entity. This can lead to denia...

CVE-2024-34392 libxmljs namespaces type confusion RCE

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...

CVE-2024-34391 libxmljs attrs type confusion RCE

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

CVE-2024-34391 libxmljs attrs type confusion RCE

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

CVE-2024-34391

Summary: CVE-2024-34391 affects libxmljs due to a type confusion when parsing specially crafted XML and calling a function on the result of attrs() on a parsed node. This can lead to severe outcomes including DoS, data leakage, infinite loops, and, on 32-bit systems with XML_PARSE_HUGE, remote co...

libxmljs 安全漏洞

libxmljs is the LibXML binding for node.js. A security vulnerability exists in libxmljs that stems from the presence of a type confusion vulnerability...