📦 Libxml2

by Xmlsoft



⚠️ Known Vulnerabilities

CVE-2024-40896

CRITICAL CVSS 9.1 Dec 23, 2024

This vulnerability in libxml2 allows attackers to bypass custom SAX handler protections against external entity processing, enabling classic XML External Entity (XXE) attacks. Any application using af...

CVE-2025-6021

HIGH CVSS 7.5 Jun 12, 2025

This CVE describes an integer overflow vulnerability in libxml2's xmlBuildQName function that can cause stack-based buffer overflow when processing malicious XML input. This vulnerability affects any ...

CVE-2025-24928

HIGH CVSS 7.8 Feb 18, 2025

This CVE describes a stack-based buffer overflow vulnerability in libxml2's xmlSnprintfElements function. Attackers can exploit this by providing malicious XML documents with DTD validation enabled, p...

CVE-2022-49043

HIGH CVSS 8.1 Jan 26, 2025

CVE-2022-49043 is a use-after-free vulnerability in libxml2's xmlXIncludeAddNode function that allows attackers to execute arbitrary code or cause denial of service. This affects any application that ...

CVE-2024-34459

HIGH CVSS 7.5 May 14, 2024

This vulnerability in xmllint (part of libxml2) allows attackers to trigger a buffer over-read when formatting error messages with the --htmlout flag. This could lead to information disclosure or appl...

CVE-2024-25062

HIGH CVSS 7.5 Feb 4, 2024

A use-after-free vulnerability in libxml2's XML Reader interface when processing crafted XML documents with DTD validation and XInclude expansion enabled. This affects applications using vulnerable li...

CVE-2022-23308

HIGH CVSS 7.5 Feb 26, 2022

CVE-2022-23308 is a use-after-free vulnerability in libxml2's validation component that allows attackers to potentially execute arbitrary code or cause denial of service. It affects applications that ...

CVE-2021-3518

HIGH CVSS 8.8 May 18, 2021

A use-after-free vulnerability in libxml2 versions before 2.9.11 allows attackers to submit crafted XML files to applications using this library, potentially leading to arbitrary code execution. This ...

CVE-2025-9714

MEDIUM CVSS 6.2 Sep 10, 2025

This vulnerability allows a local attacker to cause a stack overflow via crafted XPath expressions in libxml2. It affects applications using libxml2 for XML/XPath processing, potentially leading to de...