Apache - Xerces-c\+\+ CVE

Filtered by vendor Apache Subscribe

Filtered by product Xerces-c\+\+

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-12627	1 Apache	1 Xerces-c\+\+	2021-07-31	7.5 HIGH	9.8 CRITICAL
In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.
CVE-2016-2099	2 Apache, Opensuse	2 Xerces-c\+\+, Opensuse	2018-10-30	10.0 HIGH	9.8 CRITICAL
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.

Vulnerabilities (CVE)