Known Vulnerabilities for products from Xmlsoft

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Xmlsoft".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2022-23308 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2022-02-26 2022-11-02
CVE-2021-30560 Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap co... 8.8 - HIGH 2021-08-03 2022-10-27
CVE-2021-3541 A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms an... 6.5 - MEDIUM 2021-07-09 2022-03-01
CVE-2021-3537 A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed con... 5.9 - MEDIUM 2021-05-14 2023-02-28
CVE-2021-3518 There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an a... 8.8 - HIGH 2021-05-18 2022-10-05
CVE-2021-3517 There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to sup... 8.6 - HIGH 2021-05-19 2022-10-05
CVE-2021-3516 There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be process... 7.8 - HIGH 2021-06-01 2022-03-01
CVE-2020-24977 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.... 6.5 - MEDIUM 2020-09-04 2022-07-25
CVE-2020-7595 xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. 7.5 - HIGH 2020-01-21 2022-07-25
CVE-2019-20388 xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. 7.5 - HIGH 2020-01-21 2022-07-25
CVE-2019-19956 xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. 7.5 - HIGH 2019-12-24 2021-07-21
CVE-2019-18197 In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant... 7.5 - HIGH 2019-10-18 2020-08-24
CVE-2019-13118 In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid... 5.3 - MEDIUM 2019-07-01 2023-04-10
CVE-2019-13117 In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFor... 5.3 - MEDIUM 2019-07-01 2023-04-06
CVE-2019-11068 libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit acc... 9.8 - CRITICAL 2019-04-10 2023-03-24
CVE-2019-5815 Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap ... 7.5 - HIGH 2019-12-11 2022-10-27
CVE-2018-14567 libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML... 6.5 - MEDIUM 2018-08-16 2020-09-10
CVE-2018-14404 A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when pa... 7.5 - HIGH 2018-07-19 2020-09-10
CVE-2018-9251 The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of serv... 5.3 - MEDIUM 2018-04-04 2019-10-03
CVE-2017-18258 The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumpt... 6.5 - MEDIUM 2018-04-08 2020-09-10

Known software with vulnerabilities from Xmlsoft

Type Vendor Product Version

Popular searches for "Xmlsoft"

The XML C parser and toolkit of Gnome XML GNOME Libxml2 World Wide Web Consortium Parsing Language binding List of toolkits C Markup language Widget toolkit MIT License Free software C (programming language) Source-available software Computing platform Implementation Computer programming MacOS HTML Standardization


libxslt Libxslt is the XSLT C library developed for the GNOME project. XSLT itself is a an XML language to define transformation for XML. Libxslt is based on libxml2 the XML C library developed for the GNOME project. It also implements most of the EXSLT set of processor-portable extensions functions and some of Saxon's evaluate and expressions extensions. Libxslt XML XSLT The GNOME Project C standard library Libxml2 Subroutine EXSLT Central processing unit Plug-in (computing) Expression (computer science) Language binding Application programming interface Library (computing) Browser extension Software portability Programming language C (programming language) Portable application Command-line interface