In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:LXmlsoft Libxml2
APPXmlsoft< 2.13.82.14.0 – 2.14.2 (bez)
Related vulnerabilities
XXE w bibliotece libxml2 — obejście niestandardowych handlerów SAX
A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not ...
Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit ...
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlP...
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of servi...