libxml2 vulnerabilities

Known vulnerabilities in the libxml2 package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2024-34459	*
L Use After Free	*
L Use After Free	*
L Out-of-Bounds	*
M NULL Pointer Dereference	<2.9.14+dfsg-1.2
M Double Free	<2.9.14+dfsg-1.2
H Integer Overflow or Wraparound	<2.9.14+dfsg-1.1
H Double Free	<2.9.14+dfsg-1.1
M Cross-site Scripting (XSS)	<2.9.12+dfsg-3
H NULL Pointer Dereference	<2.9.14+dfsg-1.3~deb12u1
M Integer Overflow or Wraparound	<2.9.14+dfsg-1
H Use After Free	<2.9.13+dfsg-1
M Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<2.9.10+dfsg-6.7
M NULL Pointer Dereference	<2.9.10+dfsg-6.6
H Use After Free	<2.9.10+dfsg-6.6
H Use After Free	<2.9.10+dfsg-6.6
H Out-of-bounds Write	<2.9.10+dfsg-6.6
L Out-of-bounds Read	<2.9.10+dfsg-6.2
H Loop with Unreachable Exit Condition ('Infinite Loop')	<2.9.10+dfsg-2.1
H Memory Leak	<2.9.10+dfsg-2.1
H Missing Release of Resource after Effective Lifetime	<2.9.10+dfsg-2
M Loop with Unreachable Exit Condition ('Infinite Loop')	<2.9.10+dfsg-2
L NULL Pointer Dereference	<2.9.10+dfsg-2
H Use After Free	<2.9.4+dfsg1-5.2
L Allocation of Resources Without Limits or Throttling	<2.9.10+dfsg-2
C Out-of-Bounds	<2.9.4+dfsg1-3.1
C XML External Entity (XXE) Injection	<2.9.4+dfsg1-3.1
H Out-of-bounds Write	<2.9.4+dfsg1-5.1
H Loop with Unreachable Exit Condition ('Infinite Loop')	<2.9.10+dfsg-2
C Out-of-Bounds	<2.9.4+dfsg1-3.1
H Out-of-bounds Write	<2.9.4+dfsg1-3.1
H Out-of-Bounds	<2.9.4+dfsg1-3.1
H Out-of-bounds Read	<2.9.4+dfsg1-3.1
H Out-of-Bounds	<2.9.4+dfsg1-3.1
H Out-of-bounds Read	<2.9.4+dfsg1-3.1
C Out-of-bounds Read	<2.9.4+dfsg1-6.1
H Deserialization of Untrusted Data	<2.9.3+dfsg1-1.1
M NULL Pointer Dereference	<2.9.4+dfsg1-5.1
M XML External Entity (XXE) Injection	<2.9.10+dfsg-2
C Out-of-Bounds	<2.9.4+dfsg1-2.1
H Use After Free	<2.9.4+dfsg1-2.1
C Use of Externally-Controlled Format String	<2.9.4+dfsg1-1
H Out-of-Bounds	<2.9.3+dfsg1-1.1
H Improper Input Validation	<2.9.3+dfsg1-1.1
M Out-of-bounds Read	<2.9.3+dfsg1-1.1
M Use After Free	<2.9.3+dfsg1-1.1
M Out-of-bounds Read	<2.9.3+dfsg1-1.1
H Out-of-Bounds	<2.9.3+dfsg1-1.1
M Use After Free	<2.9.3+dfsg1-1.1
H Out-of-Bounds	<2.9.3+dfsg1-1.1
M Out-of-bounds Read	<2.9.3+dfsg1-1.1
H Out-of-Bounds	<2.9.3+dfsg1-1.1
H Improper Input Validation	<2.9.3+dfsg1-1.1
H Improper Input Validation	<2.9.3+dfsg1-1.1
H CVE-2015-8806	<2.9.3+dfsg1-1.1
C Out-of-Bounds	<2.9.2+really2.9.1+dfsg1-0.1
H Out-of-Bounds	<2.9.3+dfsg1-1.1
M Out-of-Bounds	<2.9.3+dfsg1-1.1
M Out-of-Bounds	<2.9.3+dfsg1-1
M Out-of-Bounds	<2.9.3+dfsg1-1
M Out-of-Bounds	<2.9.3+dfsg1-1
M Out-of-Bounds	<2.9.3+dfsg1-1
M Out-of-Bounds	<2.9.3+dfsg1-1
M Out-of-Bounds	<2.9.3+dfsg1-1
M Resource Management Errors	<2.9.3+dfsg1-1
M Out-of-Bounds	<2.9.2+zdfsg1-4
M Out-of-Bounds	<2.9.2+really2.9.1+dfsg1-0.1
M Out-of-Bounds	<2.9.3+dfsg1-1
L Resource Management Errors	<2.9.3+dfsg1-1
L Resource Management Errors	<2.9.2+really2.9.1+dfsg1-0.1
M CVE-2014-0191	<2.9.1+dfsg1-4
M CVE-2014-3660	<2.9.2+dfsg1-1
M Access Restriction Bypass	<2.8.0+dfsg1-7+nmu1
M Out-of-Bounds	<2.9.1+dfsg1-1
M Out-of-Bounds	<2.8.0+dfsg1-7+nmu1
M Resource Management Errors	<2.7.8.dfsg-8
M Out-of-Bounds	<2.8.0+dfsg1-7
M Numeric Errors	<2.8.0+dfsg1-5
M Numeric Errors	<2.7.8.dfsg-9.1
H Out-of-bounds Write	<2.7.8.dfsg-7
M Out-of-bounds Read	<2.7.8.dfsg-5.1
L Double Free	<2.7.8.dfsg-5
H Numeric Errors	<2.7.8.dfsg-3
L Double Free	<2.7.8.dfsg-5
H Numeric Errors	<2.7.8.dfsg-5.1
H Double Free	<2.7.8.dfsg-2
M Out-of-Bounds	<2.7.8.dfsg-1
L Resource Management Errors	<2.7.3.dfsg-2.1
M Out-of-Bounds	<2.7.3.dfsg-2.1
C Resource Management Errors	<2.6.32.dfsg-5
H Numeric Errors	<2.6.32.dfsg-5
C Out-of-Bounds	<2.6.32.dfsg-4
M Resource Management Errors	<2.6.32.dfsg-3
M Resource Management Errors	<2.6.30.dfsg-3.1
C CVE-2004-0989	<2.6.11-5
H CVE-2004-0110	<2.6.6-1

Vulnerability

Vulnerable Version

CVE-2024-34459