Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:ebuild/dev-libs/libxml2@2.9.2
purl pkg:ebuild/dev-libs/libxml2@2.9.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-69ff-ngna-mkbv Uncontrolled Resource Consumption parser.c in libxml2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML document containing a large number of nested entity references, a variant of the "billion laughs" attack. CVE-2014-3660

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-01T13:10:27.922596+00:00 Gentoo Importer Fixing VCID-69ff-ngna-mkbv https://security.gentoo.org/glsa/201412-06 38.0.0