Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Search Type: Search All
  • CPE Vendor: cpe:/:xmlsoft
  • CPE Product: cpe:/:xmlsoft:libxml2
  • Published Start Date: 01/21/2020
  • Published End Date: 09/17/2020
There are 3 matching records.
Displaying matches 1 through 3.
Vuln ID Summary CVSS Severity
CVE-2020-24977

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e.

Published: September 03, 2020; 8:15:10 PM -0400
V3.1: 6.5 MEDIUM
V2.0: 6.4 MEDIUM
CVE-2020-7595

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.

Published: January 21, 2020; 6:15:13 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2019-20388

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.

Published: January 21, 2020; 6:15:13 PM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM