{"id":"JLSEC-2025-68","summary":"xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-fi...","details":"xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation.","modified":"2025-11-06T23:02:44.114938Z","published":"2025-10-17T17:40:51.659Z","upstream":["CVE-2020-7595"],"database_specific":{"sources":[{"url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-7595","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-7595","imported":"2025-10-28T18:09:07.770Z","id":"CVE-2020-7595","modified":"2024-11-21T05:37:26.453Z","published":"2020-01-21T23:15:13.867Z"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00047.html"},{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-292794.pdf"},{"type":"WEB","url":"https://gitlab.gnome.org/GNOME/libxml2/commit/0e1a49c89076"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/09/msg00009.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/545SPOI3ZPPNPX4TFRIVE4JVRTJRKULL/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5R55ZR52RMBX24TQTWHCIWKJVRV6YAWI/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDPF3AAVKUAKDYFMFKSIQSVVS3EEFPQH/"},{"type":"WEB","url":"https://security.gentoo.org/glsa/202010-04"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20200702-0005/"},{"type":"WEB","url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-103-08"},{"type":"WEB","url":"https://usn.ubuntu.com/4274-1/"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuoct2021.html"}],"affected":[{"package":{"name":"XML2_jll","ecosystem":"Julia","purl":"pkg:julia/XML2_jll?uuid=02c8fc9c-b97f-50b9-bbe4-9be30ff0a78a"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.9.10+0"},{"fixed":"2.9.12+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-68.json"}}],"schema_version":"1.7.3"}