CVE-2024-34459

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-34459
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34459.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-34459
Downstream
Related
Published
2024-05-14T15:39:11.917Z
Modified
2026-02-05T09:42:08.656347Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.

References

Affected packages

Git / github.com/gnome/libxml2

Affected ranges

Type
GIT
Repo
https://github.com/gnome/libxml2
Events
Introduced
5e9b167dce73bd6a804ab107ae4c4b95e6849597
Fixed
0b6d8130737125ba45981d54be7f15fe398ad2e0
Fixed
58a973c40ba927e5ad941789723da7c47a2d60e3

Affected versions

v2.*
v2.12.0
v2.12.1
v2.12.2
v2.12.3
v2.12.4
v2.12.5
v2.12.6

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-34459.json"