Skip to main content

Xml Libxml

2 CVEs product

Monthly

CVE-2017-10672 CRITICAL POC THREAT Emergency

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.1%.

Memory Corruption Use After Free RCE Xml Libxml Debian Linux
NVD
CVSS 3.1
9.8
EPSS
10.1%
CVE-2015-3451 MEDIUM This Month

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Xml Libxml Ubuntu Linux Debian Linux Fedora +1
NVD
CVSS 2.0
5.0
EPSS
5.0%
EPSS 10% CVSS 9.8
CRITICAL POC THREAT Emergency

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 10.1%.

Memory Corruption Use After Free RCE +2
NVD
EPSS 5% CVSS 5.0
MEDIUM This Month

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Xml Libxml Ubuntu Linux +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy