Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:25275
HistoryMay 10, 2020 - 11:23 p.m.

Arbitrary Code Execution

2020-05-1023:23:44
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13

0.006 Low

EPSS

Percentile

78.5%

libxml2 is vulnerable to arbitrary code execution. The vulnerability exists as lparser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a โ€˜%โ€™ character in a DTD name.