Filtered by vendor Xmlsoft
Subscribe
Total
130 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24855 | 1 Xmlsoft | 1 Libxslt | 2025-11-03 | N/A | 7.8 HIGH |
| numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. | |||||
| CVE-2024-25062 | 1 Xmlsoft | 1 Libxml2 | 2025-11-03 | N/A | 7.5 HIGH |
| An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. | |||||
| CVE-2024-56171 | 2 Netapp, Xmlsoft | 16 Active Iq Unified Manager, H300s, H300s Firmware and 13 more | 2025-11-03 | N/A | 7.8 HIGH |
| libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. | |||||
| CVE-2024-55549 | 1 Xmlsoft | 1 Libxslt | 2025-11-03 | N/A | 7.8 HIGH |
| xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes. | |||||
| CVE-2023-45322 | 1 Xmlsoft | 1 Libxml2 | 2025-11-03 | N/A | 6.5 MEDIUM |
| libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." | |||||
| CVE-2023-39615 | 1 Xmlsoft | 1 Libxml2 | 2025-11-03 | N/A | 6.5 MEDIUM |
| Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input. | |||||
| CVE-2022-49043 | 1 Xmlsoft | 1 Libxml2 | 2025-11-03 | N/A | 8.1 HIGH |
| xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. | |||||
| CVE-2025-32415 | 1 Xmlsoft | 1 Libxml2 | 2025-11-03 | N/A | 2.9 LOW |
| In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. | |||||
| CVE-2025-32414 | 1 Xmlsoft | 1 Libxml2 | 2025-11-03 | N/A | 5.6 MEDIUM |
| In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters. | |||||
| CVE-2023-28484 | 2 Debian, Xmlsoft | 2 Debian Linux, Libxml2 | 2025-05-30 | N/A | 6.5 MEDIUM |
| In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. | |||||
| CVE-2022-23308 | 6 Apple, Debian, Fedoraproject and 3 more | 44 Ipados, Iphone Os, Mac Os X and 41 more | 2025-05-05 | 4.3 MEDIUM | 7.5 HIGH |
| valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | |||||
| CVE-2021-30560 | 4 Debian, Google, Splunk and 1 more | 4 Debian Linux, Chrome, Universal Forwarder and 1 more | 2025-05-05 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-40303 | 3 Apple, Netapp, Xmlsoft | 22 Ipados, Iphone Os, Macos and 19 more | 2025-04-29 | N/A | 7.5 HIGH |
| An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. | |||||
| CVE-2022-40304 | 3 Apple, Netapp, Xmlsoft | 22 Ipados, Iphone Os, Macos and 19 more | 2025-04-28 | N/A | 7.8 HIGH |
| An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. | |||||
| CVE-2023-29469 | 2 Debian, Xmlsoft | 2 Debian Linux, Libxml2 | 2025-02-04 | N/A | 6.5 MEDIUM |
| An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). | |||||
| CVE-2022-29824 | 5 Debian, Fedoraproject, Netapp and 2 more | 24 Debian Linux, Fedora, Active Iq Unified Manager and 21 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. | |||||
| CVE-2021-3541 | 4 Netapp, Oracle, Redhat and 1 more | 27 Active Iq Unified Manager, Cloud Backup, Clustered Data Ontap and 24 more | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. | |||||
| CVE-2021-3537 | 6 Debian, Fedoraproject, Netapp and 3 more | 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-3518 | 6 Debian, Fedoraproject, Netapp and 3 more | 19 Debian Linux, Fedora, Active Iq Unified Manager and 16 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. | |||||
| CVE-2021-3516 | 6 Debian, Fedoraproject, Netapp and 3 more | 9 Debian Linux, Fedora, Clustered Data Ontap and 6 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. | |||||