cvedb.io
CVE-2017-9049
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-05-18T06:29:00.467 · Last modified 2026-06-17T01:27:23.740

Summary

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for libxml2 Bug 759398.

Affected products

xmlsoft — libxml2

Does this affect you?

Add your gear to cvedb and we'll alert you only when xmlsoft ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.