Search for packages
| purl | pkg:rpm/redhat/libxml2@2.9.7-16.el8_8?arch=1 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-qpnt-xvgv-s3cq
Aliases: CVE-2023-28484 |
This advisory has been invalidated. | There are no reported fixed by versions. |
|
VCID-x9ej-7dcq-tub2
Aliases: CVE-2023-29469 |
Double Free An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:54:25.069545+00:00 | RedHat Importer | Affected by | VCID-qpnt-xvgv-s3cq | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28484.json | 38.0.0 |
| 2026-04-01T13:54:24.997368+00:00 | RedHat Importer | Affected by | VCID-x9ej-7dcq-tub2 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29469.json | 38.0.0 |