Libxml2@* Security Vulnerabilities and Issues — Libxml2@* CVE List

Lucene search

XmlsoftLibxml2*

5 matches found

CVE•added 2021/05/14 8:15 p.m.•533 views

CVE-2021-3537

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest th...

5.9CVSS7AI score0.00127EPSS

CVE•added 2021/05/19 2:15 p.m.•492 views

CVE-2021-3517

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this fla...

8.6CVSS8.4AI score0.00077EPSS

CVE•added 2021/07/09 5:15 p.m.•404 views

CVE-2021-3541

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

6.5CVSS7AI score0.00065EPSS

CVE•added 2021/05/18 12:15 p.m.•399 views

CVE-2021-3518

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

8.8CVSS8.4AI score0.00188EPSS

CVE•added 2021/06/01 2:15 p.m.•330 views

CVE-2021-3516

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

7.8CVSS7.9AI score0.00362EPSS