CRITICAL9.8CVE-2024-56171libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmls… from 0, < 2.11.8-r1
from 0, < 2.9.5-r0
CRITICAL9.1A vulnerability was found in libxml2.
from 0, < 2.13.9-r0
CRITICAL9.1A use-after-free vulnerability was found in libxml2.
from 0, < 2.13.9-r0
HIGH8.8Nokogiri Implements libxml2 version vulnerable to use-after-free
from 0, < 2.9.9-r5
HIGH8.8Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a den…
from 0, < 2.9.4-r1
HIGH8.6Nokogiri contains libxml Out-of-bounds Write vulnerability
from 0, < 2.9.9-r5
HIGH7.8An issue was discovered in libxml2 before 2.10.3.
from 0, < 2.9.14-r2
HIGH7.7libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c.
from 0, < 2.11.8-r1
HIGH7.5A flaw was found in libxml2.
from 0, < 2.13.9-r1
HIGH7.5A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions.
from 0, < 2.13.9-r0
HIGH7.5Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2
from 0, < 2.13.9-r0
HIGH7.5In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read.
from 0, < 2.11.8-r3
HIGH7.5libxml2 - security update
from 0, < 2.11.8-r3
HIGH7.5libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
from 0, < 2.11.8-r2
HIGH7.5libxml2 - security update
from 0, < 2.11.8-r0
HIGH7.5An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5.
from 0, < 2.11.7-r0
HIGH7.5libxml2 - security update
from 0, < 2.9.14-r2
HIGH7.5valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
from 0, < 2.9.13-r0
HIGH7.5libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
from 0, < 2.9.8-r2
HIGH7.5xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
from 0, < 2.9.10-r3
HIGH7.5libxml2 - security update
from 0, < 2.9.9-r3
HIGH7.5Nokogiri NULL Pointer Dereference
from 0, < 2.9.8-r1
MEDIUM6.5An issue was discovered in libxml2 before 2.10.4.
from 0, < 2.10.4-r0
MEDIUM6.5libxml2 - security update
from 0, < 2.10.4-r0
MEDIUM6.5libxml2 - security update
from 0, < 2.9.14-r0
MEDIUM6.5libxml2 - security update
from 0, < 2.9.12-r0
MEDIUM6.5GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.
from 0, < 2.9.9-r4
MEDIUM6.5libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that tri…
from 0, < 2.9.8-r1
MEDIUM6.1libxml2 - security update
from 0, < 2.9.11-r0
MEDIUM5.9Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
from 0, < 2.9.9-r5
MEDIUM5.5libxml2 - security update
from 0, < 2.9.4-r2
MEDIUM5.3lxml NULL Pointer Dereference allows attackers to cause a denial of service
from 0, < 2.9.14-r1
MEDIUM5.3The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite…
from 0, < 2.9.8-r1
MEDIUM4.7libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML…
from 0, < 2.9.4-r4
LOW2.5A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.
from 0, < 2.13.9-r0