CVE-2024-34394

Name of the Vulnerable Software and Affected Versions libxmljs2 (affected versions not specified)

Description The issue is related to a type confusion vulnerability that occurs when parsing a specially crafted XML. This happens when the namespaces() function is invoked on a grand-child of a node that refers to an entity, which in turn invokes XmlNode::get local namespaces(). The vulnerability can lead to denial of service and remote code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.