Vulnerabilities > Xmlsoft > Libxml2 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-04 | CVE-2024-25062 | Use After Free vulnerability in Xmlsoft Libxml2 An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. | 7.5 |
| 2022-11-23 | CVE-2022-40304 | Double Free vulnerability in multiple products An issue was discovered in libxml2 before 2.10.3. | 7.8 |
| 2022-11-23 | CVE-2022-40303 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in libxml2 before 2.10.3. | 7.5 |
| 2022-02-26 | CVE-2022-23308 | Use After Free vulnerability in multiple products valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. | 7.5 |
| 2021-05-19 | CVE-2021-3517 | Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. | 8.6 |
| 2021-05-18 | CVE-2021-3518 | Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. | 8.8 |
| 2020-01-21 | CVE-2020-7595 | Infinite Loop vulnerability in multiple products xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. | 7.5 |
| 2020-01-21 | CVE-2019-20388 | Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. | 7.5 |
| 2019-12-24 | CVE-2019-19956 | Memory Leak vulnerability in multiple products xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. | 7.5 |
| 2018-08-28 | CVE-2017-15412 | Use After Free vulnerability in multiple products Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |