CVE-2017-10672

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-10672
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10672.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-10672
Downstream
Related
Published
2017-06-29T08:29:00.263Z
Modified
2026-03-15T14:55:43.614126Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Use-after-free in the XML-LibXML module through 2.0129 for Perl allows remote attackers to execute arbitrary code by controlling the arguments to a replaceChild call.

References

Affected packages

Git / github.com/shlomif/perl-xml-libxml

Affected ranges

Type
GIT
Repo
https://github.com/shlomif/perl-xml-libxml
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
13e2df84b8d43a97e2111ac20f1e7cb7923628c9
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.0129"
        }
    ]
}

Affected versions

Other
CPAN_1_40
CPAN_1_49
CPAN_1_50
CPAN_1_51
CPAN_1_52
CPAN_1_54
CPAN_1_54_0
CPAN_1_54_1
CPAN_1_54_2
CPAN_1_54_3
CPAN_1_55
CPAN_1_56
CPAN_1_57
CPAN_1_58
CPAN_1_58_1
XML-LibXML-0_91
XML-LibXML-0_96
XML-LibXML-1_40
release_1_30
XML-LibXML-1.*
XML-LibXML-1.71
XML-LibXML-1.72
XML-LibXML-1.73
XML-LibXML-1.74
XML-LibXML-1.75
XML-LibXML-1.76
XML-LibXML-1.77
XML-LibXML-1.78
XML-LibXML-1.79
XML-LibXML-1.80
XML-LibXML-1.81
XML-LibXML-1.82
XML-LibXML-1.83
XML-LibXML-1.84
XML-LibXML-1.85
XML-LibXML-1.86
XML-LibXML-1.87
XML-LibXML-1.88
XML-LibXML-1.89
XML-LibXML-1.90
XML-LibXML-1.91
XML-LibXML-1.92
XML-LibXML-1.93
XML-LibXML-1.94
XML-LibXML-1.95
XML-LibXML-1.96
XML-LibXML-1.97
XML-LibXML-1.98
XML-LibXML-1.99
XML-LibXML-2.*
XML-LibXML-2.0000
XML-LibXML-2.0001
XML-LibXML-2.0002
XML-LibXML-2.0003
XML-LibXML-2.0004
XML-LibXML-2.0005
XML-LibXML-2.0006
XML-LibXML-2.0007
XML-LibXML-2.0008
XML-LibXML-2.0009
XML-LibXML-2.0010
XML-LibXML-2.0011
XML-LibXML-2.0012
XML-LibXML-2.0015
XML-LibXML-2.0016
XML-LibXML-2.0017
XML-LibXML-2.0018
XML-LibXML-2.0019
XML-LibXML-2.0100
XML-LibXML-2.0101
XML-LibXML-2.0102
XML-LibXML-2.0103
XML-LibXML-2.0104
XML-LibXML-2.0105
XML-LibXML-2.0106
XML-LibXML-2.0107
XML-LibXML-2.0108
XML-LibXML-2.0109
XML-LibXML-2.0110
XML-LibXML-2.0111
XML-LibXML-2.0112
XML-LibXML-2.0113
XML-LibXML-2.0114
XML-LibXML-2.0115
XML-LibXML-2.0116
XML-LibXML-2.0117
XML-LibXML-2.0118
XML-LibXML-2.0119
XML-LibXML-2.0120
XML-LibXML-2.0121
XML-LibXML-2.0122
XML-LibXML-2.0123
XML-LibXML-2.0124
XML-LibXML-2.0125
XML-LibXML-2.0126
XML-LibXML-2.0127
XML-LibXML-2.0128
XML-LibXML-2.0129
axkit.*
axkit.org-svn-r824

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10672.json"