Vulnerabilities > Xmlsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-09 | CVE-2021-3541 | XML Entity Expansion vulnerability in multiple products A flaw was found in libxml2. | 4.0 |
| 2021-06-01 | CVE-2021-3516 | Use After Free vulnerability in multiple products There's a flaw in libxml2's xmllint in versions before 2.9.11. | 6.8 |
| 2021-05-19 | CVE-2021-3517 | Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. | 7.5 |
| 2021-05-18 | CVE-2021-3518 | Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. | 6.8 |
| 2021-05-14 | CVE-2021-3537 | NULL Pointer Dereference vulnerability in multiple products A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. | 4.3 |
| 2020-09-04 | CVE-2020-24977 | Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. | 6.4 |
| 2020-01-21 | CVE-2020-7595 | Infinite Loop vulnerability in multiple products xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. | 5.0 |
| 2020-01-21 | CVE-2019-20388 | Memory Leak vulnerability in Xmlsoft Libxml2 2.9.10 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. | 5.0 |
| 2019-12-24 | CVE-2019-19956 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. | 5.0 |
| 2019-12-11 | CVE-2019-5815 | Type Confusion vulnerability in Xmlsoft Libxslt Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data. | 5.0 |