
GNOME/libxml2
Releases240
Frequency1 month 1 week
Last Release
Stars750
Read-only mirror of https://gitlab.gnome.org/GNOME/libxml2
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 2.9.13 | 7.5 HIGH | 4.3 MEDIUM | ||
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | ||||
| <= 2.9.4 | — | 7.5 HIGH | ||
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. | ||||
| <= 2.9.4 | 7.5 HIGH | 5 MEDIUM | ||
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. | ||||