Security Advisory

CVE-2024-34392

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-02 18:55:38

Last updated 2024-11-25 12:54:47

Assigner JFROG

State PUBLISHED

Description

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution.

← Browse all CVEs View on cve.org ↗