VulnerableCode Package Details - pkg:alpm/archlinux/libxml2@2.9.11-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-29mt-tpku-aaab	There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.	CVE-2021-3517 GHSA-jw9f-hh49-cvp9
VCID-gn1q-6cht-aaap	A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.	CVE-2021-3537 GHSA-286v-pcf5-25rc
VCID-sdba-sgwc-aaaj	A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.	CVE-2021-3541
VCID-u1dm-t6k2-aaaq	Use After Free There's a flaw in libxml2's xmllint An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.	CVE-2021-3516
VCID-wdr9-vsu9-aaap	There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.	CVE-2021-3518 GHSA-v4f8-2847-rwm7

Vulnerability

Summary

Aliases

VCID-29mt-tpku-aaab

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application.

CVE-2021-3517
GHSA-jw9f-hh49-cvp9

VCID-gn1q-6cht-aaap

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.

CVE-2021-3537
GHSA-286v-pcf5-25rc

VCID-sdba-sgwc-aaaj

A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service.

CVE-2021-3541

VCID-u1dm-t6k2-aaaq

Use After Free There's a flaw in libxml2's xmllint An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability.

CVE-2021-3516

VCID-wdr9-vsu9-aaap

There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability.

CVE-2021-3518
GHSA-v4f8-2847-rwm7

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:45:29.250929+00:00	Arch Linux Importer	Fixing	VCID-u1dm-t6k2-aaaq	https://security.archlinux.org/AVG-1883	36.0.0
2025-03-28T07:45:29.232224+00:00	Arch Linux Importer	Fixing	VCID-29mt-tpku-aaab	https://security.archlinux.org/AVG-1883	36.0.0
2025-03-28T07:45:29.213521+00:00	Arch Linux Importer	Fixing	VCID-wdr9-vsu9-aaap	https://security.archlinux.org/AVG-1883	36.0.0
2025-03-28T07:45:29.194841+00:00	Arch Linux Importer	Fixing	VCID-gn1q-6cht-aaap	https://security.archlinux.org/AVG-1883	36.0.0
2025-03-28T07:45:29.176073+00:00	Arch Linux Importer	Fixing	VCID-sdba-sgwc-aaaj	https://security.archlinux.org/AVG-1883	36.0.0
2024-09-18T02:00:25.532448+00:00	Arch Linux Importer	Fixing	VCID-u1dm-t6k2-aaaq	https://security.archlinux.org/AVG-1883	34.0.1
2024-09-18T02:00:25.508620+00:00	Arch Linux Importer	Fixing	VCID-29mt-tpku-aaab	https://security.archlinux.org/AVG-1883	34.0.1
2024-09-18T02:00:25.489199+00:00	Arch Linux Importer	Fixing	VCID-wdr9-vsu9-aaap	https://security.archlinux.org/AVG-1883	34.0.1
2024-09-18T02:00:25.469832+00:00	Arch Linux Importer	Fixing	VCID-gn1q-6cht-aaap	https://security.archlinux.org/AVG-1883	34.0.1
2024-09-18T02:00:25.449950+00:00	Arch Linux Importer	Fixing	VCID-sdba-sgwc-aaaj	https://security.archlinux.org/AVG-1883	34.0.1
2024-01-03T22:26:40.950010+00:00	Arch Linux Importer	Fixing	VCID-u1dm-t6k2-aaaq	https://security.archlinux.org/AVG-1883	34.0.0rc1
2024-01-03T22:26:40.930694+00:00	Arch Linux Importer	Fixing	VCID-29mt-tpku-aaab	https://security.archlinux.org/AVG-1883	34.0.0rc1
2024-01-03T22:26:40.911134+00:00	Arch Linux Importer	Fixing	VCID-wdr9-vsu9-aaap	https://security.archlinux.org/AVG-1883	34.0.0rc1
2024-01-03T22:26:40.892052+00:00	Arch Linux Importer	Fixing	VCID-gn1q-6cht-aaap	https://security.archlinux.org/AVG-1883	34.0.0rc1
2024-01-03T22:26:40.872790+00:00	Arch Linux Importer	Fixing	VCID-sdba-sgwc-aaaj	https://security.archlinux.org/AVG-1883	34.0.0rc1

2025-03-28T07:45:29.250929+00:00

Arch Linux Importer

Fixing