Lucene search
K
XmlsoftLibxml2

7 matches found

CVE
CVE
added 2021/05/19 1:45 p.m.614 views

CVE-2021-3517

CVE-2021-3517 is a libxml2 vulnerability affecting versions before 2.9.11. A flaw in the xml entity encoding functionality could allow processing of a crafted XML file to trigger an out‑of‑bounds read, with availability impact and potential confidentiality/integrity impact if memory information i...

8.6CVSS8.4AI score0.0828EPSS
CVE
CVE
added 2021/05/18 11:20 a.m.448 views

CVE-2021-3518

CVE-2021-3518 details (libxml2): A use-after-free exists in libxml2 before v2.9.11 when processing crafted input files through an application linked with libxml2. This can impact confidentiality, integrity, and availability. The issue is triggered by processing a specially crafted file via libxml...

8.8CVSS8.4AI score0.03653EPSS
CVE
CVE
added 2016/07/23 7:0 p.m.322 views

CVE-2016-5131

CVE-2016-5131 is a use-after-free in libxml2 up to version 2.9.4 (as used in Chrome before 52.0.2743.82) triggered by XPointer range-to, leading to possible denial of service and potentially other impact. Connected advisories reaffirms libxml2 as the vulnerable component and references several ve...

8.8CVSS7.8AI score0.0227EPSS
CVE
CVE
added 2018/02/07 11:0 p.m.318 views

CVE-2017-5130

CVE-2017-5130 describes an integer overflow in libxml2’s xmlmemory.c that could enable a remote attacker to cause heap corruption via a crafted XML file. The vulnerability affects libxml2 up to version before 2.9.5 and has been observed in products such as Google Chrome (prior to 62.0.3202.62) an...

8.8CVSS6.6AI score0.02765EPSS
CVE
CVE
added 2018/08/28 7:0 p.m.304 views

CVE-2017-15412

CVE-2017-15412 is a use-after-free in libxml2 (affected before 2.9.5) used by Chrome and other products, potentially enabling heap corruption via crafted HTML. Connected advisories also reference CVE-2018-14404 (NULL pointer dereference in xmlXPathCompOpEval) affecting libxml2 up to 2.9.8 during ...

8.8CVSS7AI score0.02963EPSS
CVE
CVE
added 2025/01/26 12:0 a.m.270 views

CVE-2022-49043

Summary: CVE-2022-49043 affects libxml2 before 2.11.0, where xmlXIncludeAddNode in xinclude.c has a use-after-free vulnerability. The vulnerability is documented across multiple connected sources (Linux distributions and advisories) and is associated with a high impact due to potential memory cor...

8.1CVSS7AI score0.00257EPSS
CVE
CVE
added 2016/03/24 1:0 a.m.165 views

CVE-2016-1762

CVE-2016-1762 (and related libxml2 flaws) affects the GNOME libxml2 library where crafted XML input can cause denial of service or code execution. The primary cited issue is a heap-based buffer over-read in xmlNextChar prior to libxml2 2.9.4. Public advisories list multiple CVEs (e.g., 2016-1833/...

8.1CVSS7AI score0.06466EPSS