55 matches found
Siemens SIMATIC S7-1500 Use After Free (CVE-2023-45322)
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when...
Linux Distros Unpatched Vulnerability : CVE-2023-45322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the...
Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in the RHEL UBI (CVE-2024-25062, CVE-2023-39615, CVE-2023-45322)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-25062, CVE-2023-39615, CVE-2023-45322. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: GNOME libxml2 is vulnerable t...
TencentOS Server 4: libxml2 (TSSA-2024:0452)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0452 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Debian: Security Advisory (DLA-4064-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: libxml2 (CVE-2023-45322)
The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45322 advisory. - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. Th...
CBL Mariner 2.0 Security Update: libxml2 (CVE-2023-45322)
The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45322 advisory. - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. Th...
CVE-2023-45322 affecting package libxml2 for versions less than 2.11.5-3
CVE-2023-45322 affecting package libxml2 for versions less than 2.11.5-3. A patched version of the package is available...
Advisory ROSA-SA-2024-2467
software: libxml2 2.9.14 OS: ROSA-CHROME packageevrstring: libxml2-2.9.14-5 CVE-ID: CVE-2023-45322 BDU-ID: 2023-06827 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlUnlinkNode function tree.c of the libxml2 library is related to memory usage after it is freed. Exploitation of the vulnerabili...
RHEL 8 : libxml2 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: NULL pointer dereference in xmlXPathCompOpEval function in xpath.c CVE-2018-14404 - libxml2...
EulerOS Virtualization 2.11.0 : libxml2 (EulerOS-SA-2024-1431)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in...
EulerOS Virtualization 2.11.1 : libxml2 (EulerOS-SA-2024-1403)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1431)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1403)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2024-1384)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1384)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2024-1363)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in...
openSUSE: Security Advisory for libxml2 (SUSE-SU-2023:4464-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for libxml2 (SUSE-SU-2023:4504-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202402-11 : libxml2: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-11 libxml2: Multiple Vulnerabilities - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in...