VulnerableCode Package Details - pkg:deb/debian/libxml2@2.9.2%2Breally2.9.1%2Bdfsg1-0.1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6h9f-6pmg-3fh3	Improper Restriction of Operations within the Bounds of a Memory Buffer libxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.	CVE-2015-7941
VCID-b5tz-9s1v-pkg7	Vulnerabilities in libxml2 and libxslt Several vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.	CVE-2015-1819 GHSA-q7wx-62r7-j2x7
VCID-cgfv-pps6-6khd	Improper Restriction of Operations within the Bounds of a Memory Buffer The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.	CVE-2015-8710

Vulnerability

Summary

Aliases

VCID-6h9f-6pmg-3fh3

Improper Restriction of Operations within the Bounds of a Memory Buffer libxml2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.

CVE-2015-7941

VCID-b5tz-9s1v-pkg7

Vulnerabilities in libxml2 and libxslt Several vulnerabilities were discovered in the libxml2 and libxslt libraries that this package gem depends on.

CVE-2015-1819
GHSA-q7wx-62r7-j2x7

VCID-cgfv-pps6-6khd

Improper Restriction of Operations within the Bounds of a Memory Buffer The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash), or possibly have unspecified other impact via an unclosed HTML comment.

CVE-2015-8710

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:43:21.473523+00:00	Debian Importer	Fixing	VCID-6h9f-6pmg-3fh3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:58:41.346036+00:00	Debian Importer	Fixing	VCID-cgfv-pps6-6khd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:53:42.705202+00:00	Debian Importer	Fixing	VCID-b5tz-9s1v-pkg7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:43:23.568105+00:00	Debian Importer	Fixing	VCID-6h9f-6pmg-3fh3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:26:53.518448+00:00	Debian Importer	Fixing	VCID-cgfv-pps6-6khd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:37:13.642205+00:00	Debian Importer	Fixing	VCID-b5tz-9s1v-pkg7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:30:05.081778+00:00	Debian Importer	Fixing	VCID-cgfv-pps6-6khd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:04.791264+00:00	Debian Importer	Fixing	VCID-6h9f-6pmg-3fh3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:30:04.536556+00:00	Debian Importer	Fixing	VCID-b5tz-9s1v-pkg7	https://security-tracker.debian.org/tracker/data/json	38.1.0