Search CVE reports
11 – 20 of 112 results
CVE-2022-29824
Medium priorityIn libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Fixed | Fixed | Fixed | Fixed |
CVE-2022-23308
Medium priorityvalid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Fixed | Fixed |
CVE-2021-3516
Medium priorityThere's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality,...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Fixed | Fixed |
CVE-2021-3517
Medium priorityThere is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Fixed | Fixed |
CVE-2021-3518
Medium priorityThere's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Fixed | Fixed |
CVE-2021-3541
Medium priorityA flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Not affected | Not affected |
CVE-2021-3537
Medium priorityA vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Fixed | Fixed |
CVE-2020-9926
Medium priorityA use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Security Update 2020-004 Mojave,...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2020-27920
Medium priorityA use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2,...
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Not affected | Not affected | Not affected |
CVE-2020-24977
Low priorityGNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.
1 affected package
libxml2
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libxml2 | — | Not affected | Fixed | Fixed | Fixed |