Filtered by vendor Xmlsoft Subscriptions
Filtered by product Libxml2 Subscriptions
Total 90 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2017-16931 1 Xmlsoft 1 Libxml2 2024-08-05 N/A
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
CVE-2017-15412 4 Debian, Google, Redhat and 1 more 10 Debian Linux, Chrome, Ansible Tower and 7 more 2024-08-05 N/A
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-9048 2 Redhat, Xmlsoft 2 Jboss Core Services, Libxml2 2024-08-05 N/A
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more characters without checking whether the current strlen(buf) + 2 < size. This vulnerability causes programs that use libxml2, such as PHP, to crash.
CVE-2017-9049 2 Redhat, Xmlsoft 2 Jboss Core Services, Libxml2 2024-08-05 N/A
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.
CVE-2017-9050 2 Redhat, Xmlsoft 2 Jboss Core Services, Libxml2 2024-08-05 N/A
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839.
CVE-2017-9047 2 Redhat, Xmlsoft 2 Jboss Core Services, Libxml2 2024-08-05 N/A
A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is assigned strlen(buf). If the content->type is XML_ELEMENT_CONTENT_ELEMENT, then (i) the content->prefix is appended to buf (if it actually fits) whereupon (ii) content->name is written to the buffer. However, the check for whether the content->name actually fits also uses 'len' rather than the updated buffer length strlen(buf). This allows us to write about "size" many bytes beyond the allocated memory. This vulnerability causes programs that use libxml2, such as PHP, to crash.
CVE-2017-8872 1 Xmlsoft 1 Libxml2 2024-08-05 N/A
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.
CVE-2017-5969 1 Xmlsoft 1 Libxml2 2024-08-05 N/A
libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
CVE-2017-7375 3 Debian, Google, Xmlsoft 3 Debian Linux, Android, Libxml2 2024-08-05 N/A
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may expose a higher-risk attack surface in libxml2 not usually reachable with default parser flags, and expose content from local files, HTTP, or FTP servers (which might be otherwise unreachable).
CVE-2017-7376 3 Debian, Google, Xmlsoft 3 Debian Linux, Android, Libxml2 2024-08-05 N/A
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
CVE-2017-5130 4 Debian, Google, Redhat and 1 more 4 Debian Linux, Chrome, Rhel Extras and 1 more 2024-08-05 N/A
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2018-14567 4 Canonical, Debian, Redhat and 1 more 5 Ubuntu Linux, Debian Linux, Ansible Tower and 2 more 2024-08-05 N/A
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-14404 4 Canonical, Debian, Redhat and 1 more 6 Ubuntu Linux, Debian Linux, Ansible Tower and 3 more 2024-08-05 N/A
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.
CVE-2018-9251 3 Debian, Redhat, Xmlsoft 3 Debian Linux, Enterprise Linux, Libxml2 2024-08-05 N/A
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
CVE-2019-20388 7 Debian, Fedoraproject, Netapp and 4 more 34 Debian Linux, Fedora, Cloud Backup and 31 more 2024-08-05 7.5 High
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
CVE-2019-19956 8 Canonical, Debian, Fedoraproject and 5 more 15 Ubuntu Linux, Debian Linux, Fedora and 12 more 2024-08-05 7.5 High
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs.
CVE-2020-24977 7 Debian, Fedoraproject, Netapp and 4 more 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more 2024-08-04 6.5 Medium
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
CVE-2020-7595 8 Canonical, Debian, Fedoraproject and 5 more 35 Ubuntu Linux, Debian Linux, Fedora and 32 more 2024-08-04 7.5 High
xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.
CVE-2021-3537 6 Debian, Fedoraproject, Netapp and 3 more 21 Debian Linux, Fedora, Active Iq Unified Manager and 18 more 2024-08-03 5.9 Medium
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
CVE-2021-3518 6 Debian, Fedoraproject, Netapp and 3 more 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more 2024-08-03 8.8 High
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.