CRITICAL9.8CVE-2024-56171libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmls… from 0, < 2.9.10+dfsg-6.7+deb11u6
from 0, < 2.9.4+dfsg1-2.1
from 0, < 2.9.1+dfsg1-5+deb8u4
CRITICAL9.8libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy7
CRITICAL9.8Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling…
from 0, < 2.9.4+dfsg1-3.1
CRITICAL9.8libxml2 - security update
from 0, < 2.9.4+dfsg1-3.1
CRITICAL9.8libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy8
CRITICAL9.8libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy11
CRITICAL9.8libxml2 - security update
from 0, < 2.9.4+dfsg1-3.1
CRITICAL9.8Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vec…
from 0, < 2.9.4+dfsg1-1
CRITICAL9.8The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-o…
from 0, < 2.9.2+really2.9.1+dfsg1-0.1
CRITICAL9.1A vulnerability was found in libxml2.
from 0, < 2.9.10+dfsg-6.7+deb11u8
CRITICAL9.1A use-after-free vulnerability was found in libxml2.
from 0, < 2.9.10+dfsg-6.7+deb11u8
CRITICAL9.1The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or info…
from 0, < 2.9.4+dfsg1-6.1
HIGH8.8Nokogiri Implements libxml2 version vulnerable to use-after-free
from 0, < 2.9.10+dfsg-6.6
HIGH8.8libxml2 - security update
from 0, < 2.9.4+dfsg1-5.2
HIGH8.8libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy12
HIGH8.8libxml2 - security update
from 0, < 2.9.1+dfsg1-5+deb8u6
HIGH8.8libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy10
HIGH8.8libxml2 - security update
from 0, < 2.9.4+dfsg1-5.1
HIGH8.8Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a den…
from 0, < 2.9.4+dfsg1-2.1
HIGH8.8Use-after-free vulnerability in the xmlSAX2AttributeNs function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2 and OS X before…
from 0, < 2.9.3+dfsg1-1.1
HIGH8.6Nokogiri contains libxml Out-of-bounds Write vulnerability
from 0, < 2.9.10+dfsg-6.6
HIGH8.1The xmlNextChar function in libxml2 before 2.9.4 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a c…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.8Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr
from 0, < 2.9.14+dfsg-1.3~deb12u4
HIGH7.8libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u6
HIGH7.8libxml2 - security update
from 0, < 2.9.14+dfsg-1.3~deb12u2
HIGH7.8libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u6
HIGH7.8An issue was discovered in libxml2 before 2.10.3.
from 0, < 2.9.10+dfsg-6.7+deb11u3
HIGH7.8libxml2 - security update
from 0, < 2.9.10+dfsg-6.6
HIGH7.8libxml2 - security update
from 0, < 2.9.4+dfsg1-2.2+deb9u4
HIGH7.8libxml2 - security update
from 0, < 2.9.4+dfsg1-3.1
HIGH7.8libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy9
HIGH7.8libxml2 - security update
from 0, < 2.9.1+dfsg1-5+deb8u5
HIGH7.8Heap-based buffer overflow in the xmlFAParsePosCharGroup function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 1…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.8Heap-based buffer overflow in the xmlStrncat function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.7libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c.
from 0, < 2.9.10+dfsg-6.7+deb11u6
HIGH7.5A flaw was found in libxml2.
from 0
HIGH7.5A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML parsing library.
from 0
HIGH7.5A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions.
from 0
HIGH7.5Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2
from 0, < 2.9.10+dfsg-6.7+deb11u8
HIGH7.5In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read.
from 0, < 2.9.10+dfsg-6.7+deb11u7
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u7
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u7
HIGH7.5libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
from 0, < 2.9.10+dfsg-6.7+deb11u6
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u8
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u8
HIGH7.5An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5.
from 0, < 2.9.10+dfsg-6.7+deb11u6
HIGH7.5libxml2 - security update
from 0, < 2.9.4+dfsg1-7+deb10u5
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u3
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u3
HIGH7.5Nokogiri gem, via libxml, is affected by DoS vulnerabilities
from 0, < 2.9.10+dfsg-2
HIGH7.5valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
from 0, < 2.9.10+dfsg-6.7+deb11u1
HIGH7.5libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation
from 0, < 2.9.10+dfsg-2.1
HIGH7.5xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
from 0, < 2.9.10+dfsg-2.1
HIGH7.5libxml2 - security update
from 0, < 2.9.1+dfsg1-5+deb8u8
HIGH7.5libxml2 - security update
from 0, < 2.9.10+dfsg-2
HIGH7.5Nokogiri NULL Pointer Dereference
from 0, < 2.9.10+dfsg-2
HIGH7.5libxml2 - security update
from 0, < 2.8.0+dfsg1-7+wheezy6
HIGH7.5libxml2 - security update
from 0, < 2.9.3+dfsg1-1.1
HIGH7.5libxml2 - security update
from 0, < 2.9.1+dfsg1-5+deb8u2
HIGH7.5Out-of-bounds read in nokogiri
from 0, < 2.9.4+dfsg1-3.1
HIGH7.5libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c.
from 0, < 2.9.4+dfsg1-3.1
HIGH7.5libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow.
from 0, < 2.9.4+dfsg1-3.1
HIGH7.5A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801.
from 0, < 2.9.4+dfsg1-3.1
HIGH7.5The xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service (out-of-…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.5The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service (heap-…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.5The (1) xmlParserEntityCheck and (2) xmlParseAttValueComplex functions in parser.c in libxml2 2.9.3 do not properly keep track of the recur…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.5The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to…
from 0, < 2.9.3+dfsg1-1.1
HIGH7.1XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validat…
from 0, < 2.9.3+dfsg1-1.1
MEDIUM6.5libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails.
from 0, < 2.9.10+dfsg-6.7+deb11u6
MEDIUM6.5Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c.
from 0, < 2.9.10+dfsg-6.7+deb11u6
MEDIUM6.5An issue was discovered in libxml2 before 2.10.4.
from 0, < 2.9.10+dfsg-6.7+deb11u4
MEDIUM6.5libxml2 - security update
from 0, < 2.9.4+dfsg1-7+deb10u6
MEDIUM6.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u4
MEDIUM6.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u4
MEDIUM6.5libxml2 - security update
from 0, < 2.9.4+dfsg1-2.2+deb9u7
MEDIUM6.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u2
MEDIUM6.5libxml2 - security update
from 0, < 2.9.4+dfsg1-7+deb10u4
MEDIUM6.5libxml2 - security update
from 0, < 2.9.4+dfsg1-2.2+deb9u5
MEDIUM6.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7
MEDIUM6.5GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.
from 0, < 2.9.10+dfsg-6.2
MEDIUM6.5libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that tri…
from 0, < 2.9.10+dfsg-2
MEDIUM6.5libxml2 - security update
from 0, < 2.9.10+dfsg-2
MEDIUM6.5libxml2 - security update
from 0, < 2.9.4+dfsg1-2.2+deb9u3
MEDIUM6.5libxml2 - security update
from 0, < 2.9.1+dfsg1-5+deb8u7
MEDIUM6.5The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service (out-of-bounds read) via a craft…
from 0, < 2.9.3+dfsg1-1.1
MEDIUM6.5Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent a…
from 0, < 2.7.3.dfsg-2.1
MEDIUM6.5libxml2 - denial of service
from 0, < 2.6.32.dfsg-2+lenny1
MEDIUM6.5libxml2 - denial of service
from 0, < 2.6.32.dfsg-3
MEDIUM6.5libxml2 - denial of service
from 0, < 2.6.27.dfsg-3
MEDIUM6.2A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input i…
from 0
MEDIUM6.1libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u5
MEDIUM6.1libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u5
MEDIUM5.9A flaw was found in libxml2, an XML parsing library.
from 0
MEDIUM5.9Nokogiri Implements libxml2 version vulnerable to null pointer dereferencing
from 0, < 2.9.10+dfsg-6.6
MEDIUM5.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u9
MEDIUM5.5libxml2 - security update
from 0, < 2.9.10+dfsg-6.7+deb11u9
MEDIUM5.5libxml2 - security update
from 0, < 2.9.10+dfsg-2
MEDIUM5.5libxml2 - security update
from 0, < 2.9.4+dfsg1-2.2+deb9u6