cbcvebase.

Xmlsoft Libxml2 vulnerabilities

126 known vulnerabilities affecting xmlsoft/libxml2.

Total CVEs
126
CISA KEV
0
Public exploits
8
Exploited in wild
2
Severity breakdown
CRITICAL16HIGH49MEDIUM55LOW5UNKNOWN1

Vulnerabilities

Page 6 of 7
CVE-2011-3102P4MEDIUMCVSS 6.8≥ 0, < 2.7.8.dfsg-9.12012-05-16
CVE-2011-3102 [MEDIUM] CVE-2011-3102: Off-by-one error in libxml2, as used in Google Chrome before 19 Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
osv
CVE-2011-2834P4MEDIUMCVSS 6.8≥ 0, < 2.7.8.dfsg-52011-09-19
CVE-2011-2834 [MEDIUM] CVE-2011-2834: Double free vulnerability in libxml2, as used in Google Chrome before 14 Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling.
osv
CVE-2016-9598P4MEDIUMCVSS 6.5fixed in 2.9.42018-08-16
CVE-2016-9598 [MEDIUM] CVE-2016-9598: libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denia libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a missing fix for CVE-2016-4483.
nvd
CVE-2016-9596P4MEDIUMCVSS 6.5fixed in 2.9.42018-08-16
CVE-2016-9596 [MEDIUM] CVE-2016-9596: libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-3627.
nvd
CVE-2025-9714P4MEDIUMCVSS 5.5fixed in 2.10.02025-09-10
CVE-2025-9714 [MEDIUM] CWE-674 CVE-2025-9714: Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a lo Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such funct
nvdosv
CVE-2008-3281P4MEDIUMCVSS 6.5≤ 2.6.322008-08-27
CVE-2008-3281 [MEDIUM] CWE-776 CVE-2008-3281: libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribut libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
nvdosv
CVE-2013-2877P4MEDIUMCVSS 5.0≤ 2.9.0v1.7.0+123 more2013-07-10
CVE-2013-2877 [MEDIUM] CWE-119 CVE-2013-2877: parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, a parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a document that ends abruptly, related to the lack of certain checks for the XML_PARSER_EOF state.
nvdosv
CVE-2016-1833P4MEDIUMCVSS 5.5fixed in 2.9.42016-05-20
CVE-2016-1833 [MEDIUM] CWE-125 CVE-2016-1833: The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
nvdosv
CVE-2018-9251P4MEDIUMCVSS 5.3v2.9.82018-04-04
CVE-2018-9251 [MEDIUM] CVE-2018-9251: The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.
nvdosv
CVE-2016-3709P4MEDIUMCVSS 6.1≥ 2.9.2, < 2.9.11v2.9.x2022-07-28
CVE-2016-3709 [MEDIUM] CWE-79 CVE-2016-3709: Possible cross-site scripting vulnerability in libxml after commit 960f0e2. Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
nvdosv
CVE-2012-0841P4MEDIUMCVSS 5.0≤ 2.7.8v1.7.0+121 more2012-12-21
CVE-2012-0841 [MEDIUM] CWE-399 CVE-2012-0841: libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
nvdosv
CVE-2009-2416P4MEDIUMCVSS 6.5v2.5.10v2.6.16+3 more2009-08-11
CVE-2009-2416 [MEDIUM] CWE-416 CVE-2009-2416: Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and l Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
nvdosv
CVE-2015-7941P4MEDIUMCVSS 4.3v2.9.22015-11-18
CVE-2015-7941 [MEDIUM] CWE-119 CVE-2015-7941: libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1) xmlParseEntityDecl or (2) xmlParseConditionalSections function in parser.c, as demonstrated by non-terminated entities.
nvdosv
CVE-2017-5969P4MEDIUMCVSS 4.7v2.9.42017-04-11
CVE-2017-5969 [MEDIUM] CWE-476 CVE-2017-5969: libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states "I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.
nvdosv
CVE-2013-0338P4MEDIUMCVSS 4.3≤ 2.9.0v1.7.0+123 more2013-04-25
CVE-2013-0338 [MEDIUM] CWE-119 CVE-2013-0338: libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and m libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via an XML file containing an entity declaration with long replacement text and many references to this entity, aka "internal entity expansion" with linear complexity.
nvdosv
CVE-2011-3905P4MEDIUMCVSS 5.0≥ 0, < 2.7.8.dfsg-5.12011-12-13
CVE-2011-3905 [MEDIUM] CVE-2011-3905: libxml2, as used in Google Chrome before 16 libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
osv
CVE-2015-8035P4LOWCVSS 2.6v2.9.12015-11-18
CVE-2015-8035 [LOW] CWE-399 CVE-2015-8035: The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, whic The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data.
nvdosv
CVE-2007-6284P4MEDIUMCVSS 5.0≥ 0, < 2.6.30.dfsg-3.12008-01-12
CVE-2007-6284 [MEDIUM] CVE-2007-6284: The xmlCurrentChar function in libxml2 before 2 The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
osv
CVE-2009-2414P4MEDIUMCVSS 4.3v2.5.10v2.6.16+3 more2009-08-11
CVE-2009-2414 [MEDIUM] CWE-119 CVE-2009-2414: Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1. Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework.
nvdosv
CVE-2003-1564P4MEDIUMCVSS 6.5fixed in 2.5.02003-12-31
CVE-2003-1564 [MEDIUM] CWE-776 CVE-2003-1564: libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which al libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack."
nvd
Xmlsoft Libxml2 vulnerabilities | cvebase