CVE-2024-34459
7.5HIGHAn issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext i
Published: 5/14/2024Updated: 11/4/2025
Description
An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.
AI AnalysisPowered by AI
Affected Products
xmlsoftlibxml2
xmlsoftlibxml2
References
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/720ExploitIssue Tracking
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8Release Notes
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7Release Notes
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/Mailing ListThird Party Advisory
- https://gitlab.gnome.org/GNOME/libxml2/-/issues/720ExploitIssue Tracking
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8Release Notes
- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7Release Notes
- https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/Mailing ListThird Party Advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5HVUXKYTBWT3G5DEEQX62STJQBY367NL/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/INKSSLW5VMZIXHRPZBAW4TJUX5SQKARG/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRDJCNQP32LV56KESUQ5SNZKAJWSZZRI/