2 matches found
CVE-2010-4494
CVE-2010-4494 is a double-free vulnerability in libxml2 (notably 2.7.8 and related versions) used by Chrome and other products. The issue affects libxml2’s handling of XPath/XML entities and could allow a remote attacker to crash or potentially execute code via crafted XML input. Public advisorie...
CVE-2010-4008
CVE-2010-4008 affects libxml2 prior to 2.7.8 and is triggered by malformed XPath expressions, causing an application crash via invalid memory access. It is noted in advisories tied to libxml2 updates for platforms using the library (e.g., Chrome and Safari stacks). The connected records reference...