Search for packages
| purl | pkg:nuget/libxml2@2.6.16 |
| Tags | Ghost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-2vtb-bj4t-aaar
Aliases: CVE-2013-0338 |
Improper Restriction of Operations within the Bounds of a Memory Buffer libxml2 allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity. |
Affected by 49 other vulnerabilities. |
|
VCID-scf9-dkby-aaap
Aliases: CVE-2013-0339 |
Uncontrolled Resource Consumption libxml2 does not properly handle external entities expansion unless an application developer uses the xmlSAX2ResolveEntity or xmlSetExternalEntityLoader function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. |
Affected by 49 other vulnerabilities. |
|
VCID-ufew-hd99-aaan
Aliases: CVE-2012-0841 |
Uncontrolled Resource Consumption libxml2 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data. |
Affected by 49 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||