« List of all CVEs

CVE-2016-1837

Published: 5/20/2016 Last updated: 8/5/2024 Reserved: 1/13/2016

Multiple use-after-free vulnerabilities in the (1) htmlPArsePubidLiteral and (2) htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a crafted XML document.

CNA assigner: apple (286789f9-fbc2-4510-9f9a-43facdede74c) Requested by: n/a

Opam packages affected (5)

bap-llvm conf-gtksourceview conf-gtksourceview3 conf-librsvg2 lablgtk3-gtkspell3

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 64e1eebe2131183174f4fbb6b1491355f96c6cde

References (44)