libxml2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the libxml2 package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • H
Memory Leak

*
  • H
Missing Release of Resource after Effective Lifetime

<2.9.1+dfsg1-5+deb8u8
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<2.9.1+dfsg1-5+deb8u7
  • H
NULL Pointer Dereference

<2.9.1+dfsg1-5+deb8u7
  • H
Use After Free

<2.9.1+dfsg1-5+deb8u6
  • M
Allocation of Resources Without Limits or Throttling

<2.9.1+dfsg1-5+deb8u7
  • C
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u5
  • C
XML External Entity (XXE) Injection

<2.9.1+dfsg1-5+deb8u5
  • H
Out-of-bounds Write

*
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • C
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u5
  • H
Out-of-bounds Write

<2.9.1+dfsg1-5+deb8u5
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u5
  • H
Out-of-bounds Read

<2.9.1+dfsg1-5+deb8u5
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u5
  • H
Out-of-bounds Read

<2.9.1+dfsg1-5+deb8u5
  • C
Out-of-bounds Read

*
  • H
Deserialization of Untrusted Data

<2.9.1+dfsg1-5+deb8u2
  • M
NULL Pointer Dereference

*
  • M
XML External Entity (XXE) Injection

*
  • C
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u4
  • H
Use After Free

<2.9.1+dfsg1-5+deb8u4
  • C
Use of Externally-Controlled Format String

*
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u2
  • H
Improper Input Validation

<2.9.1+dfsg1-5+deb8u2
  • M
Out-of-bounds Read

<2.9.1+dfsg1-5+deb8u2
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u2
  • M
Out-of-bounds Read

<2.9.1+dfsg1-5+deb8u2
  • M
Use After Free

<2.9.1+dfsg1-5+deb8u2
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u2
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u2
  • M
Out-of-bounds Read

<2.9.1+dfsg1-5+deb8u2
  • M
Use After Free

<2.9.1+dfsg1-5+deb8u2
  • H
Improper Input Validation

<2.9.1+dfsg1-5+deb8u2
  • H
Improper Input Validation

<2.9.1+dfsg1-5+deb8u2
  • H
CVE-2015-8806

<2.9.1+dfsg1-5+deb8u2
  • C
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • H
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u2
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u2
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Resource Management Errors

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • L
Resource Management Errors

<2.9.1+dfsg1-5+deb8u1
  • M
Out-of-Bounds

<2.9.1+dfsg1-5+deb8u1
  • M
Resource Management Errors

<2.9.1+dfsg1-5+deb8u1
  • M
CVE-2014-0191

<2.9.1+dfsg1-4
  • M
CVE-2014-3660

<2.9.1+dfsg1-5
  • M
Access Restriction Bypass

<2.8.0+dfsg1-7+nmu1
  • M
Out-of-Bounds

<2.9.1+dfsg1-1
  • M
Out-of-Bounds

<2.8.0+dfsg1-7+nmu1
  • M
Resource Management Errors

<2.7.8.dfsg-8
  • M
Out-of-Bounds

<2.8.0+dfsg1-7
  • M
Numeric Errors

<2.8.0+dfsg1-5
  • M
Numeric Errors

<2.7.8.dfsg-9.1
  • H
Out-of-bounds Write

<2.7.8.dfsg-7
  • M
Out-of-bounds Read

<2.7.8.dfsg-5.1
  • M
Double Free

<2.7.8.dfsg-5
  • H
Numeric Errors

<2.7.8.dfsg-3
  • H
Double Free

<2.7.8.dfsg-5
  • H
Numeric Errors

<2.7.8.dfsg-5.1
  • H
Double Free

<2.7.8.dfsg-2
  • M
Out-of-Bounds

<2.7.8.dfsg-1
  • M
Resource Management Errors

<2.7.3.dfsg-2.1
  • M
Out-of-Bounds

<2.7.3.dfsg-2.1
  • C
Resource Management Errors

<2.6.32.dfsg-5
  • H
Numeric Errors

<2.6.32.dfsg-5
  • C
Out-of-Bounds

<2.6.32.dfsg-4
  • M
Resource Management Errors

<2.6.32.dfsg-3
  • M
Resource Management Errors

<2.6.30.dfsg-3.1
  • C
CVE-2004-0989

<2.6.11-5
  • H
CVE-2004-0110

<2.6.6-1