CVE-2024-56171

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

Open

LOW (3.8)

T
Tim Bastin detected CVE-2024-56171 with a risk of 3.75
0.8.2
System updated the risk assessment to 1.87
0.8.2
System recalculated raw risk assessment
T
Tim Bastin detected CVE-2024-56171 with a risk of 3.75
0.8.3
System updated the risk assessment to 1.87
0.8.3
System recalculated raw risk assessment
T
Tim Bastin detected CVE-2024-56171 with a risk of 1.87
0.9.1
System updated the risk assessment from 1.87 to 1.25
0.9.1
System recalculated raw risk assessment
System updated the risk assessment from 1.87 to 3.75
0.8.2
System recalculated raw risk assessment
System updated the risk assessment from 1.25 to 3.75
0.9.1
System recalculated raw risk assessment
System updated the risk assessment from 1.87 to 3.75
0.8.3
System recalculated raw risk assessment
T
Tim Bastin detected CVE-2024-56171 with a risk of 3.75
0.10.1
System detected CVE-2024-56171 with a risk of 3.75
main
T
Tim Bastin detected CVE-2024-56171 with a risk of 3.75
0.11.1
System fixed CVE-2024-56171
0.10.1
System fixed CVE-2024-56171
0.9.1
System fixed CVE-2024-56171
0.8.3
System fixed CVE-2024-56171
0.11.1
System fixed CVE-2024-56171
0.8.2
System fixed CVE-2024-56171
main
System detected CVE-2024-56171 with a risk of 3.75
0.11.1

Add a comment

Last calculated at:

Affected component

debian/libxml2

Installed version:

2.9.14

Fixed in:

no patch available

Show in dependency graph

🛡️ DevGuard
Group
/🗄️ Devguard Postgresql
Repository

CVE-2024-56171

Add a comment

Affected component

Management decisions across the organization