Search for packages
Package details: pkg:conan/libxml2@2.11.4
purl pkg:conan/libxml2@2.11.4
Next non-vulnerable version 2.11.9
Latest non-vulnerable version 2.12.9
Risk 3.4
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-2fyr-85vm-aaak
Aliases:
CVE-2023-45322
** DISPUTED ** libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
2.11.6
Affected by 1 other vulnerability.
VCID-g16k-s1p7-aaaj
Aliases:
CVE-2024-25062
libxml2: use-after-free in XMLReader
2.11.7
Affected by 0 other vulnerabilities.
2.11.9
Affected by 0 other vulnerabilities.
2.12.5
Affected by 0 other vulnerabilities.
2.12.9
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-4z87-yfha-aaaq ** DISPUTED ** Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input. CVE-2023-39615

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:52:22.517470+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.1.3
2025-06-20T16:44:48.099203+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.1.3
2025-06-20T16:41:07.906824+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.1.3
2025-06-20T16:41:07.765764+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 36.1.3
2025-06-03T23:29:42.231047+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.1.0
2025-06-03T23:22:56.306777+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.1.0
2025-06-03T23:19:43.986823+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.1.0
2025-06-03T23:19:43.870996+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 36.1.0
2025-06-02T23:27:22.259278+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.1.2
2025-06-02T23:20:20.302879+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.1.2
2025-06-02T23:16:50.278616+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.1.2
2025-06-02T23:16:50.157176+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 36.1.2
2025-04-03T21:54:17.290371+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.0.0
2025-04-03T21:38:40.927226+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.0.0
2025-04-03T21:31:36.204900+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.0.0
2025-04-03T21:31:35.918706+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 36.0.0
2025-02-18T01:06:50.017222+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 35.1.0
2025-02-18T01:05:07.728279+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 35.1.0
2025-02-18T01:04:02.761501+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 35.1.0
2025-02-18T01:04:02.685957+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 35.1.0
2024-11-20T23:31:25.143449+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 35.0.0
2024-11-20T23:30:05.590413+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 35.0.0
2024-11-18T23:20:34.535151+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 34.3.2
2024-11-18T23:18:50.791820+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.3.2
2024-10-08T00:17:42.250329+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 34.0.2
2024-10-08T00:16:19.984285+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.2
2024-09-23T00:31:39.578331+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 34.0.1
2024-09-23T00:30:23.927133+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.1
2024-04-24T02:41:37.602051+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 34.0.0rc4
2024-04-24T02:40:48.484987+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 34.0.0rc4
2024-04-24T02:40:48.376173+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.0rc4
2024-01-10T05:16:57.247399+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 34.0.0rc2
2024-01-10T05:16:06.650129+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 34.0.0rc2
2024-01-10T05:16:06.529264+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.0rc2
2024-01-03T22:04:47.328296+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 34.0.0rc1
2024-01-03T22:03:57.176591+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq None 34.0.0rc1
2024-01-03T22:03:57.058237+00:00 GitLab Importer Fixing VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.0rc1