oss-sec mailing list archives

Multiple vulnerabilities in libxml2


From: Nick Wellnhofer <wellnhofer () aevum de>
Date: Tue, 18 Feb 2025 17:56:31 +0100

These issues are fixed in 2.12.10, 2.13.6 and the upcoming 2.14.0 release. Older branches won't receive official updates.

[CVE-2024-56171] Use-after-free in xmlSchemaIDCFillNodeTables
https://gitlab.gnome.org/GNOME/libxml2/-/issues/828

[CVE-2025-24928] Stack-buffer-overflow in xmlSnprintfElements
https://gitlab.gnome.org/GNOME/libxml2/-/issues/847

Null-deref in xmlPatMatch
https://gitlab.gnome.org/GNOME/libxml2/-/issues/861

Nick
