libxml2.so is vulnerable to Denial of Service (DoS) attacks. The vulnerability exists in xmlSchemaFixupComplexType
of xmlschemas.c
, which allows a remote attacker to trigger a NULL pointer dereference leading to a segmentation fault, causing the application to crash.
github.com/advisories/GHSA-7cv2-wjgm-j7rm
github.com/GNOME/libxml2/commit/647e072ea0a2f12687fa05c172f4c4713fdb0c4f
gitlab.gnome.org/GNOME/libxml2/-/issues/491
gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.4
lists.debian.org/debian-lts-announce/2023/04/msg00031.html
security.netapp.com/advisory/ntap-20230601-0006/
security.netapp.com/advisory/ntap-20240201-0005/