libxml2-python (SUSE:Linux Enterprise Server for SAP Applications 11 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 11 SP3 package libxml2-python, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2015-8710 — CVSS 9.8 (critical): The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service…
CVE-2015-5312 — CVSS 7.1 (high): The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows…
CVE-2015-7942 — CVSS 6.8 (medium): The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid…
CVE-2015-8241 — CVSS 6.4 (medium): The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-dependent attackers to cause a denial of…
CVE-2015-8242 — CVSS 5.8 (medium): The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers…
CVE-2015-8317 — CVSS 5.0 (medium): The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an…
CVE-2015-1819 — CVSS 5.0 (medium): The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML…
CVE-2015-7497 — CVSS 5.0 (medium): Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to…
CVE-2015-7498 — CVSS 5.0 (medium): Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause…
CVE-2015-7499 — CVSS 5.0 (medium): Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain…
CVE-2015-7500 — CVSS 5.0 (medium): The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service…
CVE-2015-7941 — CVSS 4.3 (medium): libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service…