Search for packages
| purl | pkg:ebuild/dev-libs/libxml2@2.12.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-d68t-f8j1-h3am | Use After Free When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. |
CVE-2024-25062
|
| VCID-pdv9-xrh8-d3fz | Use After Free This advisory has been marked as False Positive and removed. |
CVE-2023-45322
|
| VCID-qpnt-xvgv-s3cq | This advisory has been invalidated. |
CVE-2023-28484
|
| VCID-x9ej-7dcq-tub2 | Double Free An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). |
CVE-2023-29469
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:04:38.198085+00:00 | Gentoo Importer | Fixing | VCID-d68t-f8j1-h3am | https://security.gentoo.org/glsa/202402-11 | 38.0.0 |
| 2026-04-01T13:04:38.188235+00:00 | Gentoo Importer | Fixing | VCID-pdv9-xrh8-d3fz | https://security.gentoo.org/glsa/202402-11 | 38.0.0 |
| 2026-04-01T13:04:38.176655+00:00 | Gentoo Importer | Fixing | VCID-x9ej-7dcq-tub2 | https://security.gentoo.org/glsa/202402-11 | 38.0.0 |
| 2026-04-01T13:04:38.167798+00:00 | Gentoo Importer | Fixing | VCID-qpnt-xvgv-s3cq | https://security.gentoo.org/glsa/202402-11 | 38.0.0 |