Vulnerabilities > Apache > Xerces C > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-03-01 CVE-2017-12627 NULL Pointer Dereference vulnerability in Apache Xerces-C++
In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.
network
low complexity
apache CWE-476
critical
 9.8
9.8
2016-05-13 CVE-2016-2099 Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.
network
low complexity
apache opensuse
critical
 9.8
9.8