JLSEC-2025-77 An issue was discovered in libxml2 before 2.10.3

An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault...

GHSA-MJR4-7XG5-PFVH libxmljs2 type confusion vulnerability when parsing specially crafted XML

libxmljs2 is vulnerable to type confusion when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop and remote code...

SUSE CVE-2019-18853

ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XMLPARSEHUGE is not properly restricted in coders/svg.c, related to SVG and libxml2...

libxml2: integer overflows with XML_PARSE_HUGE

A flaw was found in libxml2. Parsing a XML document with the XMLPARSEHUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation...

libxml2: integer overflows with XML_PARSE_HUGE

A flaw was found in libxml2. Parsing a XML document with the XMLPARSEHUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation...

CLSA-2022-1670522857 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

PT-2022-5387 · Libxml2 +12 · Libxml2 +12

Name of the Vulnerable Software and Affected Versions: libxml2 versions prior to 2.10.3 Description: The issue is related to an integer overflow in the xmlParseNameComplex function of the libxml2 library when parsing XML documents with the XML PARSE HUGE parser option enabled. This can lead to an...

ImageMagick Denial of Service Vulnerability (CNVD-2019-41017)

ImageMagick is a set of open source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick versions prior to 7.0.9-0, which stems from a failure to properly...