libxml2 is vulnerable to denial of service (DoS). The vulnerability exists when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted XML document. NOTE: The maintainer states “I would disagree of a CVE with the Recover parsing option which should only be used for manual recovery at least for XML parser.”
CPE | Name | Operator | Version |
---|---|---|---|
libxml2:3.3 | eq | 2.9.4-r2 | |
libxml2:stretch | eq | 2.9.4+dfsg1-2.2+deb9u2 | |
libxml2:3.3 | eq | 2.9.4-r2 | |
libxml2:stretch | eq | 2.9.4+dfsg1-2.2+deb9u2 |