63 matches found
MiracleLinux 8 : libxml2-2.9.7-12.el8 (AXSA:2022-3108:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3108:01 advisory. libxml2: Use-after-free of ID and IDREF attributes CVE-2022-23308 Tenable has extracted the preceding description block directly from the MiracleLinux securi...
Advisory ROSA-SA-2025-3048
Software: libxml2 2.9.7 OS: ROSA Virtualization 3.1 unaffected versions = libxml2-2.9.7-21.0.1.rv31.3 affected versions libxml2-2.9.7-21.0.1.1.rv31.3 CVE-ID: CVE-2016-3709 BDU-ID: CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libxml2 library is related to the failure to take measures to...
Rocky Linux 8 : libxml2 (RLSA-2022:0899)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:0899 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Nessus has not tested for this issue but has instead...
Medium: libxml2
Issue Overview: parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16931 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in...
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.12-alt1.p10.1
1:2.9.12-alt1.p10.1 built Feb. 2, 2023 Alexander Danilov in task 314068 Jan. 24, 2023 Alexander Danilov - Applied security fixes from upstream Fixes: CVE-2022-23308, CVE-2022-29824, CVE-2022-40303, CVE-2022-40304...
EulerOS Virtualization 3.0.2.6 : libxml2 (EulerOS-SA-2023-1057)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network...
Tenable Nessus < 8.15.7 Multiple Vulnerabilities (TNS-2022-26)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
Tenable Nessus < 10.3.1 Multiple Vulnerabilities (TNS-2022-20)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
Tenable Nessus 8.x < 8.15.7 Multiple Vulnerabilities (TNS-2022-26)
According to its self-reported version, the Tenable Nessus application running on the remote host is 8.x prior to 8.15.7. It is, therefore, affected by multiple vulnerabilities, including: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - zlib...
Security Bulletin: IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities
Summary IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities. These components have been updated in the latest release and the vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest...
EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2022-2572)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 - In libxml2 before 2.9.14,...
Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)
Summary A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. Vulnerability Details...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-2202)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2022-2183)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network...
EulerOS Virtualization 2.9.0 : libxml2 (EulerOS-SA-2022-2202)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Tenable Network...
USN-5422-1: libxml2 vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly...
SUSE SLED15 / SLES15 Security Update : libxml2 (SUSE-SU-2022:2552-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2552-1 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 - In libxml...
openSUSE: Security Advisory for libxml2 (SUSE-SU-2022:2552-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:2552-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:2552-1 Security update for libxml2
This update for libxml2 fixes the following issues: Update to 2.9.14: - CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c xmlBuf and tree.c xmlBuffer bsc1199132. Update to version 2.9.13: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF...