libxmljs namespaces type confusion RCE

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces() function (which invokes _wrap__xmlNode_nsDef_get()) on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

使用不兼容类型访问资源(类型混淆)

libxmljs 安全漏洞

libxmljs是node.js的 LibXML 绑定。 libxmljs存在安全漏洞，该漏洞源于存在类型混淆漏洞。

N/A

N/A