Libxml2@* Security Vulnerabilities and Issues — Libxml2@* CVE List

Lucene search

XmlsoftLibxml2*

3 matches found

CVE•added 2008/09/02 2:0 p.m.•129 views

CVE-2003-1564

libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs at...

9.3CVSS6.9AI score0.00852EPSS

CVE•added 2008/09/12 4:56 p.m.•111 views

CVE-2008-3529

Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.

10CVSS7.3AI score0.58863EPSS

CVE•added 2008/08/27 8:41 p.m.•78 views

CVE-2008-3281

libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.

6.5CVSS6.3AI score0.00802EPSS