Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Azure Linux:2 | libxml2 | 0 |
Timeline
- Feb 4, 2024 CVE Published
- Apr 21, 2026 CVE Updated
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.
| Vendor | Product | Versions |
|---|---|---|
| Azure Linux:2 | libxml2 | 0 |