CVE-2013-1969: Use After Free

April 25, 2013 (updated June 21, 2013)

Multiple use-after-free vulnerabilities in libxml2 and possibly other versions might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to the (1) htmlParseChunk and (2) xmldecl_done functions, as demonstrated by a buffer overflow in the xmlBufGetInputBase function.

References

nvd.nist.gov/vuln/detail/CVE-2013-1969

Detect and mitigate CVE-2013-1969 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →