CVE-2012-0841

EPSS 1.0%

libxml2 - denial of service

Published: 12/21/2012Modified: 4/28/2026

Description

libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.

Affected packages (2)

Debian/libxml2from 0, < 2.7.8.dfsg-8
Debian/libxml2from 0, < 2.7.8.dfsg-2+squeeze3

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-0841