Xmlsoft: >> Libxml2 >> 2.14.3 Security Vulnerabilities
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that causes the application to crash. This results in a denial of service (DoS), making the affected system or application unavailable.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-04-23
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
CVSS Score
7.5
EPSS Score
0.021
Published
2025-06-12