XMLSoft Libxml2 2.10.4

CPE Details

XMLSoft Libxml2 2.10.4
2.10.4
2023-05-01
17h31 +00:00
2023-06-15
14h33 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:xmlsoft:libxml2:2.10.4:*:*:*:*:*:*:*

Informations

Vendor

xmlsoft

Product

libxml2

Version

2.10.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-27113 2025-02-18 00h00 +00:00 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
7.5
High
CVE-2024-25062 2024-02-03 23h00 +00:00 An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.
7.5
High
CVE-2023-45322 2023-10-05 22h00 +00:00 libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
6.5
Medium