CVE-2018-14404
- EPSS 3.68%
- Veröffentlicht 19.07.2018 13:29:00
- Zuletzt bearbeitet 03.12.2025 21:15:48
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format input...
CVE-2017-18258
- EPSS 2.71%
- Veröffentlicht 08.04.2018 17:29:00
- Zuletzt bearbeitet 21.11.2024 03:19:42
The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legi...
CVE-2018-9251
- EPSS 2.44%
- Veröffentlicht 04.04.2018 02:29:00
- Zuletzt bearbeitet 21.11.2024 04:15:13
The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnera...
CVE-2017-7375
- EPSS 2.64%
- Veröffentlicht 19.02.2018 19:29:00
- Zuletzt bearbeitet 03.12.2025 22:15:49
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). Depending on the context, this may exp...
- EPSS 23.69%
- Veröffentlicht 19.02.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 03:31:45
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
CVE-2017-5130
- EPSS 2.77%
- Veröffentlicht 07.02.2018 23:29:01
- Zuletzt bearbeitet 03.12.2025 22:15:48
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2017-16931
- EPSS 4.28%
- Veröffentlicht 23.11.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.
CVE-2017-16932
- EPSS 5.93%
- Veröffentlicht 23.11.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
CVE-2017-9047
- EPSS 3.19%
- Veröffentlicht 18.05.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. The variable len is ass...
CVE-2017-9048
- EPSS 4.89%
- Veröffentlicht 18.05.2017 06:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end o...