rpm package
opensuse/libxml2-python&distro=openSUSE Leap Micro 5.4
pkg:rpm/opensuse/libxml2-python&distro=openSUSE%20Leap%20Micro%205.4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-25062 | — | < 2.9.14-150400.5.28.1 | 2.9.14-150400.5.28.1 | Feb 4, 2024 | An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. | ||
| CVE-2023-45322 | — | < 2.9.14-150400.5.25.1 | 2.9.14-150400.5.25.1 | Oct 6, 2023 | libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically ca |
- CVE-2024-25062Feb 4, 2024affected < 2.9.14-150400.5.28.1fixed 2.9.14-150400.5.28.1
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.
- CVE-2023-45322Oct 6, 2023affected < 2.9.14-150400.5.25.1fixed 2.9.14-150400.5.25.1
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically ca