libxml2 vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the libxml2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Memory Leak	*
H Missing Release of Resource after Effective Lifetime	<2.9.1+dfsg1-5+deb8u8
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.9.1+dfsg1-5+deb8u7
H NULL Pointer Dereference	<2.9.1+dfsg1-5+deb8u7
H Use After Free	<2.9.1+dfsg1-5+deb8u6
M Allocation of Resources Without Limits or Throttling	<2.9.1+dfsg1-5+deb8u7
C XML External Entity (XXE) Injection	<2.9.1+dfsg1-5+deb8u5
C Out-of-Bounds	<2.9.1+dfsg1-5+deb8u5
H Out-of-bounds Write	*
C Out-of-Bounds	<2.9.1+dfsg1-5+deb8u5
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Out-of-bounds Write	<2.9.1+dfsg1-5+deb8u5
H Out-of-bounds Read	<2.9.1+dfsg1-5+deb8u5
H Out-of-bounds Read	<2.9.1+dfsg1-5+deb8u5
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u5
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u5
C Out-of-bounds Read	*
M NULL Pointer Dereference	*
H Deserialization of Untrusted Data	<2.9.1+dfsg1-5+deb8u2
M XML External Entity (XXE) Injection	*
C Out-of-Bounds	<2.9.1+dfsg1-5+deb8u4
H Use After Free	<2.9.1+dfsg1-5+deb8u4
C Use of Externally-Controlled Format String	*
H Improper Input Validation	<2.9.1+dfsg1-5+deb8u2
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u2
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u2
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u2
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u2
M Use After Free	<2.9.1+dfsg1-5+deb8u2
M Use After Free	<2.9.1+dfsg1-5+deb8u2
M Out-of-bounds Read	<2.9.1+dfsg1-5+deb8u2
M Out-of-bounds Read	<2.9.1+dfsg1-5+deb8u2
M Out-of-bounds Read	<2.9.1+dfsg1-5+deb8u2
H Improper Input Validation	<2.9.1+dfsg1-5+deb8u2
H Improper Input Validation	<2.9.1+dfsg1-5+deb8u2
H CVE-2015-8806	<2.9.1+dfsg1-5+deb8u2
C Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
H Out-of-Bounds	<2.9.1+dfsg1-5+deb8u2
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u2
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Resource Management Errors	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
L Resource Management Errors	<2.9.1+dfsg1-5+deb8u1
M Out-of-Bounds	<2.9.1+dfsg1-5+deb8u1
M Resource Management Errors	<2.9.1+dfsg1-5+deb8u1
M CVE-2014-0191	<2.9.1+dfsg1-4
M CVE-2014-3660	<2.9.1+dfsg1-5
M Access Restriction Bypass	<2.8.0+dfsg1-7+nmu1
M Out-of-Bounds	<2.9.1+dfsg1-1
M Out-of-Bounds	<2.8.0+dfsg1-7+nmu1
M Resource Management Errors	<2.7.8.dfsg-8
M Out-of-Bounds	<2.8.0+dfsg1-7
M Numeric Errors	<2.8.0+dfsg1-5
M Numeric Errors	<2.7.8.dfsg-9.1
H Out-of-bounds Write	<2.7.8.dfsg-7
M Out-of-bounds Read	<2.7.8.dfsg-5.1
M Double Free	<2.7.8.dfsg-5
H Numeric Errors	<2.7.8.dfsg-3
H Double Free	<2.7.8.dfsg-5
H Numeric Errors	<2.7.8.dfsg-5.1
H Double Free	<2.7.8.dfsg-2
M Out-of-Bounds	<2.7.8.dfsg-1
M Resource Management Errors	<2.7.3.dfsg-2.1
M Out-of-Bounds	<2.7.3.dfsg-2.1
H Numeric Errors	<2.6.32.dfsg-5
C Resource Management Errors	<2.6.32.dfsg-5
C Out-of-Bounds	<2.6.32.dfsg-4
M Resource Management Errors	<2.6.32.dfsg-3
M Resource Management Errors	<2.6.30.dfsg-3.1
C CVE-2004-0989	<2.6.11-5
H CVE-2004-0110	<2.6.6-1