View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2023-28484 severity moderate: SUSE including 362 source package names (0.23.0.3.2.423:libxml2-2-2.9.7-150000.3.57.1, 1.10.1.16.4.5.392:libxml2-2-2.9.7-150000.3.57.1, …), 775 product×package rows across 242 product lines (Container bci/bci-init, Container bci/dotnet-aspnet, … (242 product lines)): Fixed 589, Known Affected 147, Known Not Affected 39.
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.