xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3, and other products) does not forbid namespace nodes in XPointer ranges, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and memory corruption) via a crafted XML document.

xpointer.c in libxml2 before 2.9.5 (as used in Apple iOS before 10, OS ...

Security update for libxml2

Security update for libxml2

Security update for libxml2

Nokogiri does not forbid namespace nodes in XPointer ranges

ELSA-2021-3810: libxml2 security update (MODERATE)

Уязвимость библиотеки libxml2 операционных систем iPhoneOS, tvOS, watchOS, macOS, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Security update for libxml2

Security update for libxml2

Security update for SLES 12 Docker image

Security update for SLES 12-SP1 Docker image