{"id":"PUB-A-261365944","details":"In xmlParseTryOrFinish of parser.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-261365944","CVE-2023-21180"],"modified":"2026-05-29T15:55:33.750044621Z","published":"2023-06-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-06-01"}],"affected":[{"package":{"name":"platform/external/libxml2","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13-next:0"},{"fixed":"13-next:2023-06-01"}]}],"versions":["13-next"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/external/libxml2/+/38b5bb8f7920334ff401fa52fcd0f9a637edbce5"],"severity":"Moderate","spl":"2023-06-01","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-261365944.json"}},{"package":{"name":"platform/external/libxml2","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-06-01"}]}],"versions":["13"],"ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/external/libxml2/+/b4dc99e0d65aa43a49ea6d013df74b92befae2f5"],"spl":"2023-06-01","vanir_signatures":[{"signature_version":"v1","id":"PUB-A-261365944-2c9f663a","source":"https://android.googlesource.com/platform/external/libxml2/+/b4dc99e0d65aa43a49ea6d013df74b92befae2f5","digest":{"function_hash":"324699216604893890309377003807061448503","length":24456},"signature_type":"Function","deprecated":false,"match_only_versions":["13"],"target":{"file":"parser.c","function":"xmlParseTryOrFinish"}},{"signature_version":"v1","id":"PUB-A-261365944-6845944e","signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["208856863971331026147884905030716442874","103608749345005064832320638616546625818","25288558621577816815188423662288058706","273913629889501712463499975284448977456"]},"deprecated":false,"source":"https://android.googlesource.com/platform/external/libxml2/+/b4dc99e0d65aa43a49ea6d013df74b92befae2f5","match_only_versions":["13"],"target":{"file":"parser.c"}}],"severity":"Moderate","types":["ID"]},"database_specific":{"source":"https://storage.googleapis.com/android-osv/PUB-A-261365944.json"}}],"schema_version":"1.7.5"}