VYPR

npm package

libxmljs2

pkg:npm/libxmljs2

Vulnerabilities (2)

  • CVE-2024-34394HigMay 2, 2024
    affected <= 0.35.0

    libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes XmlNode::get_local_namespaces()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of se

  • CVE-2024-34393HigMay 2, 2024
    affected <= 0.33.0

    libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. This vulnerability might lead to denial of service (on both 32-bit systems and 64-bit systems), data