An issue was discovered in libxml2... CVE-2023-29469

- AV AC AU C I A
发布: 2023-04-24
修订: 2023-06-01

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to use the first byte of an empty string, and any value is possible (not solely the '\0' value).

100%
当前有23条漏洞利用/PoC
当前有2条受影响产品信息