Skip to main content

Libxmljs

3 CVEs product

Monthly

CVE-2024-34392 npm CRITICAL POC Act Now

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Memory Corruption Libxmljs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-34391 npm CRITICAL POC Act Now

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Memory Corruption Libxmljs
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-21144 npm HIGH POC PATCH This Week

This affects all versions of package libxmljs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libxmljs
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs() that was called on a parsed node. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Memory Corruption +1
NVD GitHub
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

This affects all versions of package libxmljs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Libxmljs
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy