MiracleLinux 8 : libxml2-2.9.7-8.el8 (AXSA:2020-1001:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1001:04 advisory. libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c...

Siemens SIMATIC S7-1500 Loop with Unreachable Exit Condition (CVE-2020-7595)

xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

CentOS 9 : libxml2-2.9.12-4.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libxml2-2.9.12-4.el9 build changelog. - xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. CVE-2019-20388 - GNOME project libxml2...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in Libxml2

Summary The following vulnerabilities in Libxml2 have been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2020-7595 DESCRIPTION: The Gnome Project Libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in...

Oracle Linux 7 : libxml2 (ELSA-2020-3996)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3996 advisory. - Fix CVE-2019-19956 1793000 - Fix CVE-2019-20388 1810057 - Fix CVE-2020-7595 1810073 Tenable has extracted the preceding description block directly fr...

BELL-CVE-2020-7595 CVE-2020-7595 does not affect BellSoft software

Bulletin has no description...

K04460334: libxml2 2.9.10 vulnerability CVE-2020-7595

Security Advisory Description xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-7595 Impact An attacker could exploit this vulnerability to cause the application to enter into an infinite loop resulting in a denial of servic...

AlmaLinux 8 : libxml2 (ALSA-2020:4479)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4479 advisory. - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-oldNs. CVE-2019-19956 - xmlSchemaPreRun in...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libxml2 Multiple Vulnerabilities (NS-SA-2021-0148)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libxml2 packages installed that are affected by multiple vulnerabilities: - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-oldNs. CVE-2019-19956 - xmlSchemaPreRun...

SUSE: Security Advisory (SUSE-SU-2020:1299-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libxml2 Multiple Vulnerabilities (NS-SA-2021-0016)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxml2 packages installed that are affected by multiple vulnerabilities: - xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-7595 -...

NewStart CGSL MAIN 6.02 : libxml2 Multiple Vulnerabilities (NS-SA-2021-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has libxml2 packages installed that are affected by multiple vulnerabilities: - xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. CVE-2020-7595 -...

CentOS 8 : libxml2 (CESA-2020:4479)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4479 advisory. - libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 - libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c...

Security Bulletin: IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-19126 DESCRIPTION: GNU C Library could allow a local attacker to bypass security restrictions, caused by failing to ignore...

Security Bulletin: IBM MQ Appliance is affected by libxml2 vulnerabilities (CVE-2019-19956, CVE-2019-20388, CVE-2020-7595)

Summary IBM MQ Appliance has resolved libxml2 vulnerabilities. Vulnerability Details CVEID: CVE-2019-19956 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c. By persuading a victim to open a specially crafted file,...

RHEL 8 : libxml2 (RHSA-2020:4479)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4479 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: memory leak in...

[ASA-202011-15] libxml2: multiple issues

Arch Linux Security Advisory ASA-202011-15 ========================================== Severity: Medium Date : 2020-11-17 CVE-ID : CVE-2019-20388 CVE-2020-7595 CVE-2020-24977 Package : libxml2 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1263 Summary ======= The...

Oracle Linux 8 : libxml2 (ELSA-2020-4479)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4479 advisory. - Fix CVE-2019-19956 1793001 - Fix CVE-2020-7595 1799786 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Security fix for the ALT Linux 10 package libxml2 version 1:2.9.10-alt4

Nov. 6, 2020 Aleksei Nikiforov 1:2.9.10-alt4 - Applied security fixes from upstream Fixes: CVE-2019-20388, CVE-2020-7595, CVE-2020-24977...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...