Search for packages
Package details: pkg:conan/libxml2@2.10.4
purl pkg:conan/libxml2@2.10.4
Next non-vulnerable version 2.11.9
Latest non-vulnerable version 2.12.9
Risk 3.4
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-2fyr-85vm-aaak
Aliases:
CVE-2023-45322
** DISPUTED ** libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail."
2.11.6
Affected by 1 other vulnerability.
VCID-4z87-yfha-aaaq
Aliases:
CVE-2023-39615
** DISPUTED ** Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input.
2.11.3
Affected by 0 other vulnerabilities.
2.11.4
Affected by 2 other vulnerabilities.
VCID-g16k-s1p7-aaaj
Aliases:
CVE-2024-25062
libxml2: use-after-free in XMLReader
2.11.7
Affected by 0 other vulnerabilities.
2.11.9
Affected by 0 other vulnerabilities.
2.12.5
Affected by 0 other vulnerabilities.
2.12.9
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-3q3t-625m-aaak NULL Pointer Dereference In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. CVE-2023-28484
VCID-wunb-embq-aaaq Double Free An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value). CVE-2023-29469

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-20T16:52:22.515623+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.1.3
2025-06-20T16:44:48.097575+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.1.3
2025-06-20T16:41:07.904890+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.1.3
2025-06-20T16:41:07.754880+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 36.1.3
2025-06-20T16:29:34.676966+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 36.1.3
2025-06-20T16:29:31.204917+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 36.1.3
2025-06-20T16:29:27.969008+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 36.1.3
2025-06-20T16:29:27.803103+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 36.1.3
2025-06-03T23:29:42.229244+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.1.0
2025-06-03T23:22:56.304938+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.1.0
2025-06-03T23:19:43.985311+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.1.0
2025-06-03T23:19:43.869256+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 36.1.0
2025-06-03T23:08:49.291954+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 36.1.0
2025-06-03T23:08:45.966885+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 36.1.0
2025-06-03T23:08:42.446126+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 36.1.0
2025-06-03T23:08:41.674197+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 36.1.0
2025-06-02T23:27:22.257663+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.1.2
2025-06-02T23:20:20.300781+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.1.2
2025-06-02T23:16:50.276164+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.1.2
2025-06-02T23:16:50.155154+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 36.1.2
2025-06-02T23:05:33.630647+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 36.1.2
2025-06-02T23:05:30.275995+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 36.1.2
2025-06-02T23:05:26.902450+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 36.1.2
2025-06-02T23:05:26.100477+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 36.1.2
2025-04-03T21:54:17.285549+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 36.0.0
2025-04-03T21:38:40.922203+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 36.0.0
2025-04-03T21:31:36.200083+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 36.0.0
2025-04-03T21:31:35.913440+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 36.0.0
2025-04-03T21:08:26.677242+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 36.0.0
2025-04-03T21:08:16.968750+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 36.0.0
2025-04-03T21:08:09.367659+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 36.0.0
2025-04-03T21:08:08.383084+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 36.0.0
2025-02-18T01:06:50.012342+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 35.1.0
2025-02-18T01:05:07.723392+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 35.1.0
2025-02-18T01:04:02.756653+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 35.1.0
2025-02-18T01:04:02.680480+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 35.1.0
2025-02-18T00:59:57.533643+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 35.1.0
2025-02-18T00:59:57.458011+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 35.1.0
2025-02-18T00:59:43.674225+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 35.1.0
2025-02-18T00:59:43.604513+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 35.1.0
2024-11-20T23:31:25.138635+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 35.0.0
2024-11-20T23:30:05.584662+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 35.0.0
2024-11-20T23:28:37.571691+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 35.0.0
2024-11-20T23:28:35.113787+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 35.0.0
2024-11-18T23:20:34.530155+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 34.3.2
2024-11-18T23:18:50.786837+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.3.2
2024-11-18T23:17:22.032269+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 34.3.2
2024-11-18T23:17:13.345866+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 34.3.2
2024-10-08T00:17:42.245395+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 34.0.2
2024-10-08T00:16:19.978718+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.2
2024-10-08T00:14:47.123614+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 34.0.2
2024-10-08T00:14:44.495104+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 34.0.2
2024-09-23T00:31:39.572686+00:00 GitLab Importer Affected by VCID-g16k-s1p7-aaaj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2024-25062.yml 34.0.1
2024-09-23T00:30:23.921587+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.1
2024-09-17T22:48:08.825115+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 34.0.1
2024-09-17T22:48:08.644834+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 34.0.1
2024-04-24T02:41:37.597445+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 34.0.0rc4
2024-04-24T02:40:48.480481+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 34.0.0rc4
2024-04-24T02:40:48.371139+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.0rc4
2024-04-24T02:37:54.939795+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 34.0.0rc4
2024-04-24T02:37:51.105220+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 34.0.0rc4
2024-04-24T02:37:39.008645+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 34.0.0rc4
2024-04-24T02:37:38.901094+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 34.0.0rc4
2024-01-10T05:16:57.242824+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 34.0.0rc2
2024-01-10T05:16:06.645564+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 34.0.0rc2
2024-01-10T05:16:06.524577+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.0rc2
2024-01-10T05:13:15.529445+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 34.0.0rc2
2024-01-10T05:13:11.962058+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 34.0.0rc2
2024-01-10T05:13:04.048740+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 34.0.0rc2
2024-01-10T05:13:03.930659+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 34.0.0rc2
2024-01-03T22:04:47.323114+00:00 GitLab Importer Affected by VCID-2fyr-85vm-aaak None 34.0.0rc1
2024-01-03T22:03:57.171929+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq None 34.0.0rc1
2024-01-03T22:03:57.052009+00:00 GitLab Importer Affected by VCID-4z87-yfha-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-39615.yml 34.0.0rc1
2024-01-03T22:00:58.396459+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq None 34.0.0rc1
2024-01-03T22:00:50.292795+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak None 34.0.0rc1
2024-01-03T18:09:13.072686+00:00 GitLab Importer Fixing VCID-3q3t-625m-aaak https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-28484.yml 34.0.0rc1
2024-01-03T18:09:12.918893+00:00 GitLab Importer Fixing VCID-wunb-embq-aaaq https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxml2/CVE-2023-29469.yml 34.0.0rc1