Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

11 – 20 of 112 results


CVE-2022-29824

Medium priority
Fixed

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-23308

Medium priority
Fixed

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-3516

Medium priority
Fixed

There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality,...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-3517

Medium priority
Fixed

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-3518

Medium priority
Fixed

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Fixed Fixed
Show less packages

CVE-2021-3541

Medium priority
Fixed

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Not affected Not affected
Show less packages

CVE-2021-3537

Medium priority
Fixed

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Fixed Fixed
Show less packages

CVE-2020-9926

Medium priority
Not affected

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, iCloud for Windows 7.20, macOS Catalina 10.15.6, Security Update 2020-004 Mojave,...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-27920

Medium priority
Not affected

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2,...

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Not affected Not affected Not affected
Show less packages

CVE-2020-24977

Low priority
Fixed

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

1 affected packages

libxml2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libxml2 Not affected Fixed Fixed Fixed
Show less packages