Lucene search
K
XmlsoftLibxml2

6 matches found

CVE
CVE
added 2017/04/11 4:0 p.m.160 views

CVE-2017-5969

CVE-2017-5969 affects libxml2: a NULL pointer dereference in xmlSaveDoc when libxml2 is used in recover mode, enabling DoS via a crafted XML document. Connected IBM advisories confirm libxml2 is vulnerable in multiple IBM products (CMM, IMM2, Chassis/Streams/Cognos) and specify remediation via fi...

4.7CVSS5.5AI score0.0263EPSS
CVE
CVE
added 2009/08/11 6:0 p.m.143 views

CVE-2009-2414

CVE-2009-2414 and CVE-2009-2416 affect libxml2/libxml (legacy 2.5.10/2.6.x and libxml1 1.8.17). CVE-2009-2414 is a stack-growth/recursion issue in DTD processing (depth of element declarations) leading to DoS via application crash; CVE-2009-2416 involves use-after-free via crafted Notation or Enu...

4.3CVSS6.2AI score0.03121EPSS
CVE
CVE
added 2015/11/18 4:0 p.m.136 views

CVE-2015-7941

CVE-2015-7941 affects libxml2 2.9.2, where parsing does not stop on invalid input, enabling a context-dependent attacker to trigger an out-of-bounds read and crash via crafted XML data in xmlParseEntityDecl or xmlParseConditionalSections. Connected docs confirm corroborating DoS/out-of-bounds rep...

4.3CVSS6.6AI score0.03069EPSS
CVE
CVE
added 2013/04/25 11:0 p.m.126 views

CVE-2013-0338

The vulnerability described (CVE-2013-0338) affects libxml2 2.9.0 and earlier, where an XML file containing an entity declaration with long replacement text and many references can cause a denial of service through entity expansion. This is a context-dependent DoS affecting CPU and memory usage. ...

4.3CVSS8AI score0.02856EPSS
CVE
CVE
added 2010/11/16 11:0 p.m.120 views

CVE-2010-4008

CVE-2010-4008 affects libxml2 prior to 2.7.8 and is triggered by malformed XPath expressions, causing an application crash via invalid memory access. It is noted in advisories tied to libxml2 updates for platforms using the library (e.g., Chrome and Safari stacks). The connected records reference...

4.3CVSS5.6AI score0.03133EPSS
CVE
CVE
added 2025/08/08 4:32 p.m.102 views

CVE-2025-8732

CVE-2025-8732 affects libxml2 up to 2.14.5, with a vulnerability in xmlParseSGMLCatalog that can trigger uncontrolled recursion during SGML catalog processing. Local attackers are required, and exploit details have circulated publicly; the real-world impact remains debated in some sources. Severa...

4.8CVSS4AI score0.00202EPSS