35 matches found
CVE-2024-25062
CVE-2024-25062 : Affects libxml2 prior to 2.11.7 and 2.12.x prior to 2.12.5. When using the XML Reader with DTD validation and XInclude expansion, crafted XML can trigger an xmlValidatePopElement use-after-free, as described in multiple connected sources. Impact is described as an availability co...
CVE-2024-34459
The CVE-2024-34459 issue affects libxml2’s xmllint when using --htmlout, where a formatting error in error messages can trigger a buffer over-read in xmlHTMLPrintFileContext. The vulnerability concerns xmllint and the libxml2 parser before versions 2.11.8 and 2.12.x before 2.12.7. A PoC exists pe...
CVE-2020-7595
CVE-2020-7595 affects libxml2, specifically the xmlStringLenDecodeEntities function in parser.c of version 2.9.10, which can enter an infinite loop in certain end-of-file situations. Several connected advisories (e.g., ASA-202011-15) corroborate the issue and describe the impact as potential deni...
CVE-2019-20388
CVE-2019-20388 affects libxml2 2.9.10. The Broadcom advisory BSNSA36819 confirms a memory leak in xmlSchemaValidateStream (xmlschemas.c) that can impact availability (memory exhaustion) when processing XML schemas. Affected component: libxml2’s xmlSchemaValidateStream; root cause relates to a lea...
CVE-2019-19956
Summary (CVE-2019-19956) libxml2 before 2.9.10 contains a memory leak in xmlParseBalancedChunkMemoryRecover (parser.c) related to newDoc->oldNs. This can lead to memory not being freed (partial impact noted) and, per mapped references, contributes to DoS scenarios. The CVSS data across sources...
CVE-2022-23308
CVE-2022-23308 affects libxml2 before 2.9.13, caused by a use-after-free in ID/IDREF attributes in valid.c. The NVD data shows a CVSS 3.1 base score of 7.5 (NETWORK, PR:N, UI:N, S:U, C:N/I:N/A:H) and CVSS 2.0 base score of 4.3 (NETWORK, A:P). Connected advisories confirm the same flaw and referen...
CVE-2015-5312
Summary (CVE-2015-5312) A DoS via XML entity expansion was reported in libxml2 (xmlStringLenDecodeEntities in parser.c) affecting versions before 2.9.3. The issue allows a context-dependent attacker to trigger high CPU usage by processing crafted XML data, as described in the CVE entry and corrob...
CVE-2022-40303
CVE-2022-40303 affects libxml2 prior to 2.10.3. When parsing multi‑gigabyte XML with XML_PARSE_HUGE enabled, integer counters can overflow and cause an access at a negative 2GB offset, typically leading to a segmentation fault. Public sources (including libxml2‑focused advisories and AWS ALAS/BSN...
CVE-2022-40304
CVE-2022-40304: libxml2 before 2.10.3 contains invalid XML entity definitions that can corrupt a hash table key, potentially triggering logic errors and, in at least one case, a double-free. Affected library is libxml2; CVSS v3.1 shows base score 7.8 (HIGH) with LOCAL access, high impact. Public ...
CVE-2018-14404
The CVE-2018-14404 entry affects libxml2 (up to 2.9.8). It describes a NULL pointer dereference in xpath.c:xmlXPathCompOpEval() when parsing an invalid XPath expression in the XPATH_OP_AND/OR case, potentially causing a denial-of-service crash for applications processing untrusted XSL inputs. Pub...
CVE-2025-24928
CVE-2025-24928 affects libxml2 (versions before 2.12.10 and 2.13.x before 2.13.6) with a stack-based buffer overflow in xmlSnprintfElements (valid.c) that requires DTD validation for exploitation. Remediation per connected docs: upgrade libxml2 to 2.12.10+ or 2.13.6+ (e.g., via libxml2 update) an...
CVE-2015-6837
The vulnerability CVE-2015-6837/6838 is a NULL pointer dereference in PHP’s XSLTProcessor (ext/xsl/xsltprocessor.c) when using libxslt, triggered by valuePop() returning NULL without a check. Affected PHP versions are prior to 5.4.45, 5.5.x prior to 5.5.29, and 5.6.x prior to 5.6.13 when libxml2
CVE-2015-6838
CVE-2015-6838 affects PHP’s XSLTProcessor (ext/xsl/xsltprocessor.c). When libxml2 before 2.9.2 is used, the code does not guard the return value of valuePop(), allowing a NULL pointer dereference that can crash the application (denial of service). The vulnerability is documented as: PHP versions ...
CVE-2025-27113
Summary of CVE-2025-27113 context and public details : The vulnerability is in libxml2 (affected patterns CVE-2025-27113) with a NULL pointer dereference in xmlPatMatch (pattern.c). Public documentation indicates affected releases include libxml2 versions prior to 2.12.10 and 2.13.x prior to 2.13...
CVE-2016-4447
CVE-2016-4447 affects libxml2 up to version before 2.9.4. The vulnerability is in the xmlParseElementDecl function (parser.c) where a crafted file via xmlParseName can cause a heap-based buffer underread, leading to denial of service (application crash). Remediation: upgrade to libxml2 2.9.4 or n...
CVE-2017-9047
CVE-2017-9047: libxml2 contains a stack-based buffer overflow in xmlSnprintfElementContent (valid.c) when dumping element content definitions; the check uses the pre-update length, allowing writes beyond the buffer and potentially crashing programs (e.g., PHP). The provided documents describe the...
CVE-2025-32414
CVE-2025-32414 concerns libxml2 prior to 2.13.8 and 2.14.x prior to 2.14.2, where the Python bindings can trigger an out-of-bounds memory access due to an incorrect return value in the Python API. Affected code paths include xmlPythonFileRead and xmlPythonFileReadRaw, caused by a mismatch between...
CVE-2017-16932
CVE-2017-16932 affects the libxml2 parser: in versions before 2.9.5, expanding a parameter entity in a DTD can result in infinite recursion, potentially leading to a denial of service or memory exhaustion. Affected component is the libxml2 XML C parser. Connected sources corroborate the issue and...
CVE-2025-32415
CVE-2025-32415 affects libxml2: vulnerable in versions prior to 2.13.8 and 2.14.x prior to 2.14.2. The root cause is a heap-based buffer under-read in xmlSchemaIDCFillNodeTables (xmlschemas.c) that can be triggered by validating a crafted XML against a specific identity-constrained XML schema or ...
CVE-2017-9050
CVE-2017-9050 affects libxml2 (notably 2.9.4 builds such as 20904-GITv2.9.4-16-g0741801). Root cause: a heap-based buffer over-read in dict.c:xmlDictAddString, stemming from an incomplete fix for CVE-2016-1839. Impact: can cause a crash in applications using libxml2 (e.g., PHP). Public details in...
CVE-2016-3627
CVE-2016-9596, related to libxml2 used in Red Hat JBoss Core Services, allows a denial of service via crafted XML when in recovery mode. This vulnerability exists because of an incorrect fix for CVE-2016-3627 and results in stack consumption. The issue is specifically described as a DoS (stack gr...
CVE-2016-4483
CVE-2016-4483 is a libxml2 serialization bug: xmlBufAttrSerializeTxtContent can trigger an out-of-bounds read when a non-UTF-8 attribute value is serialized, leading to a denial of service. Connected records note related follow-ons: CVE-2016-9598 (and CVE-2016-9596) describe DoS/out-of-bounds sce...
CVE-2025-6021
Affects libxml2: multiple vendors report CVE-2025-6021 (integer overflow in xmlBuildQName causing stack-based buffer overflow). Documents show vulnerable libxml2 variants across distributions (e.g., AWS ALAS advisories for libxml2 with 2.9/2.10 lines; AIX advisory listing affected filesets; Astra...
CVE-2010-4494
CVE-2010-4494 is a double-free vulnerability in libxml2 (notably 2.7.8 and related versions) used by Chrome and other products. The issue affects libxml2’s handling of XPath/XML entities and could allow a remote attacker to crash or potentially execute code via crafted XML input. Public advisorie...
CVE-2017-9049
CVE-2017-9049 affects libxml2 prior to a fix released after 2.9.4. It describes a heap-based buffer over-read in xmlDictComputeFastKey within dict.c, which can cause programs using libxml2 (e.g., PHP) to crash. The vulnerability arises from an incomplete fix (Bug 759398). Public references show t...
CVE-2016-3705
CVE-2016-3705 affects libxml2 (tracked in CVE-2016-3705) and is caused by insufficient tracking of recursion depth in parser.c (functions xmlParserEntityCheck and xmlParseAttValueComplex). A crafted XML document with many nested entity references can exhaust the stack, causing a denial of service...
CVE-2016-4449
CVE-2016-4449 is an XML External Entity (XXE) vulnerability in libxml2’s parser.c (xmlStringLenDecodeEntities) affecting libxml2 up to version 2.9.4. ALT Linux advisory entries show a confirmed fix in libxml2 version 2.9.4.0.12.e905-alt1 (and related package updates), indicating that patches were...
CVE-2017-9048
CVE-2017-9048 affects libxml2. The vulnerability is a stack-based buffer overflow in the function xmlSnprintfElementContent (valid.c): when recursively dumping element content, the code may strcat two characters after computing the current length without ensuring the buffer has space, allowing a ...
CVE-2016-1840
CVE-2016-1840: libxml2 contains a heap-based buffer overflow in xmlFAParsePosCharGroup (pre-2.9.4). Affected on Apple iOS (pre-9.3.2), OS X (pre-10.11.5), tvOS (pre-9.2.1), watchOS (pre-2.2.1); can lead to remote code execution or memory corruption. Remediation: upgrade libxml2 to 2.9.4 or later ...
CVE-2015-8806
CVE-2015-8806 — libxml2 heap-buffer overread in dict.c . A remote attacker can crash an affected application by sending a crafted HTML document containing an unexpected character immediately after the "
CVE-2016-9597
CVE-2016-9597 is a regression for CVE-2016-3705 where Red Hat/JBoss RHSA-2016:2957 did not include the fix for libxml2, leaving a denial-of-service risk via a stack overflow. The connected records confirm libxml2 as the affected library and document multiple publisher advisories (RHSA-2016:1292, ...
CVE-2013-1969
CVE-2013-1969 affects libxml2 (notably 2.9.0 and possibly later) with multiple use-after-free vulnerabilities in parsing code. The advisory describes context-dependent attackers potentially crashing the process or, in some cases, executing arbitrary code via the htmlParseChunk and xmldecl_done pa...
CVE-2004-0110
The CVE-2004-0110 issue is a real vulnerability in libxml (XMLSoft Libxml2) affecting versions 2.6.0–2.6.5, where a long URL can trigger a buffer overflow in the nanohttp/nanoftp URL parsing paths, enabling remote arbitrary code execution. Related CVEs (CVE-2004-0989) cover buffer overflows in FT...
CVE-2026-6732
CVE-2026-6732 affects libxml2 and is triggered when parsing an XSD-validated document that contains an internal entity reference, causing a type confusion error and a DoS via crashes. The vulnerability is tied to how libxml2 processes crafted XML Schema Definition inputs, with the impact describe...
CVE-2026-11979
CVE-2026-11979 affects libxml2 in the xmlcatalog utility when run in --shell mode. The usershell() function reads input into fixed-size stack buffers without proper bounds checking, allowing an overly long input line to overflow buffers (command, arg, argv) and cause stack memory corruption. Cons...