Lucene search
K

27 matches found

OSV
OSV
added 2025/04/17 5:15 p.m.3 views

ALPINE-CVE-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

7.5CVSS7.1AI score0.00527EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/17 12:0 a.m.3 views

libxml2 安全漏洞

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 versions prior to 2.13.8 and prior to 2.14.2, which stems from a heap buffer under-read in...

7.5CVSS6.5AI score0.00527EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/04/05 12:0 a.m.4 views

PT-2025-17209

Name of the Vulnerable Software and Affected Versions libxml2 versions 2.13.7 and earlier, libxml2 versions 2.14.x before 2.14.2 Description The issue is related to a heap-based buffer under-read in the xmlSchemaIDCFillNodeTables function in xmlschemas.c. This can be exploited by validating a...

7.5CVSS7.4AI score0.00527EPSS
Exploits2References104
OSV
OSV
added 2025/03/19 10:46 a.m.6 views

CLSA-2025-1742379480 libxml2: Fix of 2 CVEs

CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c - CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c...

9.8CVSS7.4AI score0.0113EPSS
Exploits0References1
OSV
OSV
added 2025/02/18 10:15 p.m.16 views

CVE-2024-56171

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...

9.8CVSS7.7AI score
Exploits0References11
CVE
CVE
added 2025/02/18 12:0 a.m.331 views

CVE-2024-56171

CVE-2024-56171 affects libxml2 up to 2.12.9 and 2.13.x up to 2.13.5. It is a use-after-free in the functions xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables (in xmlschemas.c). To exploit, a crafted XML document must be validated against an XML schema with certain identity constraints,...

9.8CVSS7.2AI score0.0113EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2025/02/18 12:0 a.m.6 views

CVE-2024-56171

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...

9.8CVSS6.3AI score0.0113EPSS
Exploits0
Rows per page
Query Builder