VDB
CISA-2016-5131
CISA-2016-5131
PUBLISHED
CVSS 8.8 HIGH
Reported by Chrome · Published July 23, 2016
Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.
Risk Scores
CVSS 3.1
8.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, n/a |
Timeline
- Jul 23, 2016 CVE Published
- Dec 4, 2025 CVE Updated
- Mar 26, 2026 Distribution Patch
- Mar 26, 2026 Distribution Patch
- Mar 26, 2026 Security Advisory
- Mar 26, 2026 Security Advisory
- Mar 26, 2026 Security Advisory
- Mar 26, 2026 Security Advisory
- Mar 26, 2026 Security Advisory
- Mar 26, 2026 Security Advisory
- Mar 26, 2026 Security Advisory
References
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- openSUSE-SU-2016:1868 vendor-advisoryx_refsource_SUSE
- openSUSE-SU-2016:1869 vendor-advisoryx_refsource_SUSE
- APPLE-SA-2016-09-20 vendor-advisoryx_refsource_APPLE
- APPLE-SA-2016-09-20-3 vendor-advisoryx_refsource_APPLE
- 92053 vdb-entryx_refsource_BID
- x_refsource_CONFIRM
- APPLE-SA-2016-09-20-5 vendor-advisoryx_refsource_APPLE
- USN-3041-1 vendor-advisoryx_refsource_UBUNTU
- openSUSE-SU-2016:1918 vendor-advisoryx_refsource_SUSE
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- APPLE-SA-2016-09-20-6 vendor-advisoryx_refsource_APPLE
- x_refsource_CONFIRM
- GLSA-201610-09 vendor-advisoryx_refsource_GENTOO
- GLSA-201701-37 vendor-advisoryx_refsource_GENTOO
- openSUSE-SU-2016:1865 vendor-advisoryx_refsource_SUSE
- x_refsource_CONFIRM
…and 5 more