11 matches found
CVE-2018-14404
The CVE-2018-14404 entry affects libxml2 (up to 2.9.8). It describes a NULL pointer dereference in xpath.c:xmlXPathCompOpEval() when parsing an invalid XPath expression in the XPATH_OP_AND/OR case, potentially causing a denial-of-service crash for applications processing untrusted XSL inputs. Pub...
CVE-2017-5130
CVE-2017-5130 describes an integer overflow in libxml2’s xmlmemory.c that could enable a remote attacker to cause heap corruption via a crafted XML file. The vulnerability affects libxml2 up to version before 2.9.5 and has been observed in products such as Google Chrome (prior to 62.0.3202.62) an...
CVE-2017-15412
CVE-2017-15412 is a use-after-free in libxml2 (affected before 2.9.5) used by Chrome and other products, potentially enabling heap corruption via crafted HTML. Connected advisories also reference CVE-2018-14404 (NULL pointer dereference in xmlXPathCompOpEval) affecting libxml2 up to 2.9.8 during ...
CVE-2018-14567
CVE-2018-14567: libxml2 2.9.8 with LZMA support is vulnerable to denial of service via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR (infinite loop). Exploitation vector is a crafted XML payload; affected component is libxml2/xz decompression path when built with --with-lzma. Several vendo...
CVE-2018-9251
CVE-2018-9251 affects libxml2
CVE-2017-7376
CVE-2017-7376 is described in the connected IBM bulletin as a buffer overflow in libxml2 that allows remote code execution by exploiting an incorrect limit for port values when handling redirects. The provided documents confirm the existence of this vulnerability and its impact on libxml2, but do...
CVE-2017-18258
The CVE-2017-18258 entry affects libxml2: the xz_head function in xzlib.c (pre-2.9.6) allows remote attackers to cause a denial of service via crafted LZMA files by not restricting memory usage to a legitimate file. Impact is memory consumption/DoS; no exploit details are provided in the initial ...
CVE-2017-7375
CVE-2017-7375 describes a flaw in the libxml2 parser that allows remote XML entity inclusion when default parser flags are used (no substitution/validation/DTD loading). This XXE can cause access to local files or remote resources (HTTP/FTP) depending on context, potentially expanding the attacke...
CVE-2016-9597
CVE-2016-9597 is a regression for CVE-2016-3705 where Red Hat/JBoss RHSA-2016:2957 did not include the fix for libxml2, leaving a denial-of-service risk via a stack overflow. The connected records confirm libxml2 as the affected library and document multiple publisher advisories (RHSA-2016:1292, ...
CVE-2016-9598
CVE-2016-9598 affects libxml2 as used in Red Hat JBoss Core Services. The vulnerability is a denial-of-service due to an out-of-bounds read in libxml2 triggered by a specially crafted XML document, which can crash the application. Note that this issue exists because of a missing fix for CVE-2016-...
CVE-2016-9596
CVE-2016-9596 is a libxml2-based denial-of-service issue observed in Red Hat JBoss Core Services, triggered by a crafted XML document while in recovery mode. The linked CNVD entry corroborates a DoS via a crafted XML document, noting a stack-related impact (stack corruption/DoS) and that it arise...