Xmlsoft Libxml2

106 matches found

CVE
added 2018/08/16 8:0 p.m. | 70 views

CVE-2016-9596

CVE-2016-9596 is a libxml2-based denial-of-service issue observed in Red Hat JBoss Core Services, triggered by a crafted XML document while in recovery mode. The linked CNVD entry corroborates a DoS via a crafted XML document, noting a stack-related impact (stack corruption/DoS) and that it arise...

6.5 CVSS | 7.2 AI score | 0.01076 EPSS

CVE
added 2026/01/15 2:20 p.m. | 61 views

CVE-2026-0990

Vulnerability: CVE-2026-0990 affects libxml2. An uncontrolled recursion bug in xmlCatalogXMLResolveURI is triggered when a delegate URI entry references itself, allowing a remote attacker to craft an XML catalog that causes infinite recursion and stack exhaustion, resulting in DoS via application...

5.9 CVSS | 6.3 AI score | 0.00755 EPSS

CVE
added 2026/01/15 2:20 p.m. | 48 views

CVE-2026-0989

CVE-2026-0989 concerns a flaw in the RelaxNG parser in libxml2 where external schema inclusions can cause unbounded recursion, leading to stack exhaustion and denial-of-service crashes. The connected documents confirm this issue across multiple distributions (e.g., Amazon Linux 2/ALAS advisories,...

3.7 CVSS | 6.2 AI score | 0.00419 EPSS

CVE
added 2026/04/23 10:19 p.m. | 43 views

CVE-2026-6732

CVE-2026-6732 affects libxml2 and is triggered when parsing an XSD-validated document that contains an internal entity reference, causing a type confusion error and a DoS via crashes. The vulnerability is tied to how libxml2 processes crafted XML Schema Definition inputs, with the impact describe...

7.5 CVSS | 5.7 AI score | 0.00632 EPSS

CVE
added 2026/01/15 2:20 p.m. | 37 views

CVE-2026-0992

CVE-2026-0992 in libxml2 describes an uncontrolled resource consumption vulnerability. A remote attacker can supply crafted XML catalogs containing repeated elements pointing to the same downstream catalog, causing the parser to redundantly traverse catalog chains. This leads to excessive CPU us...

2.9 CVSS | 6.3 AI score | 0.00308 EPSS

CVE
added 5 days ago | 13 views

CVE-2026-11979

CVE-2026-11979 affects libxml2 in the xmlcatalog utility when run in --shell mode. The usershell() function reads input into fixed-size stack buffers without proper bounds checking, allowing an overly long input line to overflow buffers (command, arg, argv) and cause stack memory corruption. Cons...

7.8 CVSS | 6.7 AI score | 0.00148 EPSS

Total number of security vulnerabilities: 106