CVE-2016-3709

Name
CVE-2016-3709
Description
Possible cross-site scripting vulnerability in libxml after commit 960f0e2.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://mail.gnome.org/archives/xml/2018-January/msg00010.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:* libxml2 >= 2.9.2 <= None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libxml2 3.16-main 2.9.14-r2 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.15-main 2.9.14-r2 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.14-main 2.9.14-r2 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.13-main 2.9.14-r2 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.17-main 2.10.4-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.19-main 2.11.8-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.18-main 2.11.8-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.20-main 2.12.7-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 edge-main 2.12.8-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed