Xmlsoft : Security Vulnerabilities, CVEs, Published In 2018 (Overflow)

CVE-2017-7376

Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects.
Max CVSS
10.0
EPSS Score
34.14%
Published
2018-02-19
Updated
2019-05-17

CVE-2017-5130

An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
Max CVSS
8.8
EPSS Score
0.70%
Published
2018-02-07
Updated
2022-04-08

CVE-2016-9597

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression CVE for the same issue as CVE-2016-3705.
Max CVSS
7.5
EPSS Score
0.06%
Published
2018-07-30
Updated
2023-02-12
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close