VulnerableCode Package Details - pkg:deb/debian/libxml2@2.9.10%2Bdfsg-6.7%2Bdeb11u6?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-31w8-13b6-8beh	libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2	CVE-2025-24928
VCID-aasn-u7fd-8bhy	Improper Restriction of Operations within the Bounds of a Memory Buffer Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.	CVE-2023-39615
VCID-c9ds-faa9-t7be	libxml2: Use-After-Free in libxml2	CVE-2024-56171
VCID-d68t-f8j1-h3am	Use After Free When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.	CVE-2024-25062
VCID-hafa-bcpu-8uaj	libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch	CVE-2025-27113
VCID-pdv9-xrh8-d3fz	Use After Free This advisory has been marked as False Positive and removed.	CVE-2023-45322
VCID-qh44-gavt-rbdw	libxml: use-after-free in xmlXIncludeAddNode	CVE-2022-49043

Vulnerability

Summary

Aliases

VCID-31w8-13b6-8beh

libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

CVE-2025-24928

VCID-aasn-u7fd-8bhy

Improper Restriction of Operations within the Bounds of a Memory Buffer Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file.

CVE-2023-39615

VCID-c9ds-faa9-t7be

libxml2: Use-After-Free in libxml2

CVE-2024-56171

VCID-d68t-f8j1-h3am

Use After Free When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

CVE-2024-25062

VCID-hafa-bcpu-8uaj

libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch

CVE-2025-27113

VCID-pdv9-xrh8-d3fz

Use After Free This advisory has been marked as False Positive and removed.

CVE-2023-45322

VCID-qh44-gavt-rbdw

libxml: use-after-free in xmlXIncludeAddNode

CVE-2022-49043

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:51:15.611633+00:00	Debian Importer	Fixing	VCID-qh44-gavt-rbdw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:27:57.868092+00:00	Debian Importer	Fixing	VCID-d68t-f8j1-h3am	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:27:42.814954+00:00	Debian Importer	Fixing	VCID-hafa-bcpu-8uaj	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:20:30.088052+00:00	Debian Importer	Fixing	VCID-c9ds-faa9-t7be	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:26:24.830750+00:00	Debian Importer	Fixing	VCID-31w8-13b6-8beh	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:59:46.202841+00:00	Debian Importer	Fixing	VCID-pdv9-xrh8-d3fz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:41:50.174568+00:00	Debian Importer	Fixing	VCID-aasn-u7fd-8bhy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:49:19.700248+00:00	Debian Importer	Fixing	VCID-qh44-gavt-rbdw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:32:01.852252+00:00	Debian Importer	Fixing	VCID-d68t-f8j1-h3am	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:03:30.830323+00:00	Debian Importer	Fixing	VCID-hafa-bcpu-8uaj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:57:47.909214+00:00	Debian Importer	Fixing	VCID-c9ds-faa9-t7be	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:17:57.472576+00:00	Debian Importer	Fixing	VCID-31w8-13b6-8beh	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:01:57.450152+00:00	Debian Importer	Fixing	VCID-pdv9-xrh8-d3fz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:50:41.160859+00:00	Debian Importer	Fixing	VCID-aasn-u7fd-8bhy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:30:08.418012+00:00	Debian Importer	Fixing	VCID-hafa-bcpu-8uaj	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:08.308157+00:00	Debian Importer	Fixing	VCID-31w8-13b6-8beh	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:08.240913+00:00	Debian Importer	Fixing	VCID-c9ds-faa9-t7be	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:08.065940+00:00	Debian Importer	Fixing	VCID-d68t-f8j1-h3am	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:08.000059+00:00	Debian Importer	Fixing	VCID-pdv9-xrh8-d3fz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:07.932563+00:00	Debian Importer	Fixing	VCID-aasn-u7fd-8bhy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:07.766179+00:00	Debian Importer	Fixing	VCID-qh44-gavt-rbdw	https://security-tracker.debian.org/tracker/data/json	38.1.0