CVE-2017-16931

Published November 23rd, 2017

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.

GNOME/libxml2

Read-only mirror of https://gitlab.gnome.org/GNOME/libxml2

GitHub

747