VulnerableCode Package Details - pkg:ebuild/dev-libs/libxml2@2.9.1-r1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2r5u-7wpy-4yf9	Improper Restriction of Operations within the Bounds of a Memory Buffer libxml2 allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.	CVE-2013-0338
VCID-a28u-yu15-3qa6	Use After Free Multiple use-after-free vulnerabilities in libxml2 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.	CVE-2013-1969
VCID-h6qs-dgys-afes	Improper Restriction of Operations within the Bounds of a Memory Buffer Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.	CVE-2012-5134
VCID-nrut-syek-s7fg	Improper Restriction of Operations within the Bounds of a Memory Buffer parser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.	CVE-2013-2877
VCID-t88t-p8tx-cfcu	Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service.	CVE-2013-1664 GHSA-qrh7-x6fp-c2mp
VCID-wksj-tx4y-cye7	Uncontrolled Resource Consumption libxml2, as used in Google Chrome, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.	CVE-2012-2871

Vulnerability

Summary

Aliases

VCID-2r5u-7wpy-4yf9

Improper Restriction of Operations within the Bounds of a Memory Buffer libxml2 allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.

CVE-2013-0338

VCID-a28u-yu15-3qa6

Use After Free Multiple use-after-free vulnerabilities in libxml2 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.

CVE-2013-1969

VCID-h6qs-dgys-afes

Improper Restriction of Operations within the Bounds of a Memory Buffer Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document.

CVE-2012-5134

VCID-nrut-syek-s7fg

Improper Restriction of Operations within the Bounds of a Memory Buffer parser.c in libxml2, as used in Google Chrome and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.

CVE-2013-2877

VCID-t88t-p8tx-cfcu

Multiple vulnerabilities have been found in libxml2, allowing remote attackers to execute arbitrary code or cause Denial of Service.

CVE-2013-1664
GHSA-qrh7-x6fp-c2mp

VCID-wksj-tx4y-cye7

Uncontrolled Resource Consumption libxml2, as used in Google Chrome, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

CVE-2012-2871

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:02:05.663135+00:00	Gentoo Importer	Fixing	VCID-nrut-syek-s7fg	https://security.gentoo.org/glsa/201311-06	38.0.0
2026-04-01T13:02:05.653780+00:00	Gentoo Importer	Fixing	VCID-a28u-yu15-3qa6	https://security.gentoo.org/glsa/201311-06	38.0.0
2026-04-01T13:02:05.644566+00:00	Gentoo Importer	Fixing	VCID-t88t-p8tx-cfcu	https://security.gentoo.org/glsa/201311-06	38.0.0
2026-04-01T13:02:05.634435+00:00	Gentoo Importer	Fixing	VCID-2r5u-7wpy-4yf9	https://security.gentoo.org/glsa/201311-06	38.0.0
2026-04-01T13:02:05.625172+00:00	Gentoo Importer	Fixing	VCID-h6qs-dgys-afes	https://security.gentoo.org/glsa/201311-06	38.0.0
2026-04-01T13:02:05.615331+00:00	Gentoo Importer	Fixing	VCID-wksj-tx4y-cye7	https://security.gentoo.org/glsa/201311-06	38.0.0