pkg:Alpine/libxml2
共 36 筆 CVECRITICAL4HIGH19MEDIUM12LOW1
✅ 檢查你的版本
所有已知漏洞
- CRITICAL9.8CVE-2024-56171libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmls…from 0, < 2.11.8-r1
- from 0, < 2.9.5-r0
- from 0, < 2.13.9-r0
- from 0, < 2.13.9-r0
- from 0, < 2.9.9-r5
- HIGH8.8CVE-2016-5131Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a den…from 0, < 2.9.4-r1
- from 0, < 2.9.9-r5
- from 0, < 2.9.14-r2
- HIGH7.7CVE-2025-24928libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c.from 0, < 2.11.8-r1
- from 0, < 2.13.9-r1
- HIGH7.5CVE-2025-49795A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions.from 0, < 2.13.9-r0
- HIGH7.5CVE-2025-6021Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2from 0, < 2.13.9-r0
- HIGH7.5CVE-2025-32415In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read.from 0, < 2.11.8-r3
- from 0, < 2.11.8-r3
- HIGH7.5CVE-2025-27113libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.from 0, < 2.11.8-r2
- from 0, < 2.11.8-r0
- from 0, < 2.11.7-r0
- from 0, < 2.9.14-r2
- HIGH7.5CVE-2022-23308valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.from 0, < 2.9.13-r0
- HIGH7.5CVE-2020-7595libxml as used in Nokogiri has an infinite loop in a certain end-of-file situationfrom 0, < 2.9.8-r2
- HIGH7.5CVE-2019-20388xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.from 0, < 2.9.10-r3
- from 0, < 2.9.9-r3
- from 0, < 2.9.8-r1
- from 0, < 2.10.4-r0
- from 0, < 2.10.4-r0
- from 0, < 2.9.14-r0
- from 0, < 2.9.12-r0
- MEDIUM6.5CVE-2020-24977GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.from 0, < 2.9.9-r4
- MEDIUM6.5CVE-2018-14567libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that tri…from 0, < 2.9.8-r1
- from 0, < 2.9.11-r0
- from 0, < 2.9.9-r5
- from 0, < 2.9.4-r2
- from 0, < 2.9.14-r1
- MEDIUM5.3CVE-2018-9251The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite…from 0, < 2.9.8-r1
- MEDIUM4.7CVE-2017-5969libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML…from 0, < 2.9.4-r4
- LOW2.5CVE-2025-6170A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files.from 0, < 2.13.9-r0