OSV-2020-1726

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libxml2/OSV-2020-1726.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2020-1726
Published
2020-09-11T00:00:07.083398Z
Modified
2022-04-13T03:04:39.942783Z
Summary
Heap-use-after-free in xmlXPathNodeSetAdd
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25536

Crash type: Heap-use-after-free READ 4
Crash state:
xmlXPathNodeSetAdd
xmlXPathGetElementsByIds
xmlXPathIdFunction
References

Affected packages

OSS-Fuzz / libxml2

Package

Name
libxml2
Purl
pkg:generic/libxml2

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/libxml2.git
Events
Introduced
f0fd1b67fc883a24cdd039abb3d4fe4696104d72
Fixed
b215c270fa3b1436314cc56654718bd12182cfec

Ecosystem specific 

{
    "severity": "HIGH"
}