Search for packages
| purl | pkg:nuget/libxml2@2.9.0 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-a28u-yu15-3qa6
Aliases: CVE-2013-1969 |
Use After Free Multiple use-after-free vulnerabilities in libxml2 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function. | There are no reported fixed by versions. |
|
VCID-wksj-tx4y-cye7
Aliases: CVE-2012-2871 |
Uncontrolled Resource Consumption libxml2, as used in Google Chrome, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T12:46:49.207024+00:00 | GitLab Importer | Affected by | VCID-a28u-yu15-3qa6 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libxml2/CVE-2013-1969.yml | 38.0.0 |
| 2026-04-01T12:46:47.287827+00:00 | GitLab Importer | Affected by | VCID-wksj-tx4y-cye7 | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/nuget/libxml2/CVE-2012-2871.yml | 38.0.0 |