
34 matches found

OSV
added 2026/06/02 10:8 a.m. | 10 views

RHSA-2026:22420 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

6.2 CVSS | 7.2 AI score | 0.00144 EPSS
Exploits: 0 | References: 9
Tenable Nessus
added 2026/05/07 12:0 a.m. | 10 views

RHEL 8 : libxml2 (RHSA-2026:14832)

The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:14832 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite...

6.2 CVSS | 6.2 AI score | 0.00144 EPSS
Exploits: 0 | References: 5
OSV
added 2026/05/06 2:45 p.m. | 3 views

BIT-JAVA-2025-32414

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

7.5 CVSS | 6.8 AI score | 0.00311 EPSS
Exploits: 1 | References: 3
OSV
added 2026/02/02 1:15 p.m. | 4 views

UBUNTU-CVE-2026-1757

A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution but fails to fr...

6.2 CVSS | 6 AI score | 0.00194 EPSS
Exploits: 0 | References: 4
Debian CVE
added 2026/01/15 2:20 p.m. | 6 views

CVE-2026-0992

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to...

2.9 CVSS | 4.4 AI score | 0.00302 EPSS
Exploits: 0
OSV
added 2025/12/01 12:0 a.m. | 5 views

ALSA-2025:22376 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 For more details about the security issues, including the impact, a CVSS...

6.2 CVSS | 6.8 AI score | 0.00144 EPSS
Exploits: 0 | References: 4
OSV
added 2025/11/07 9:15 p.m. | 3 views

DEBIAN-CVE-2025-12863

A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...

7.5 CVSS | 6.6 AI score | 0.00068 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2025/11/07 8:59 p.m. | 2 views

CVE-2025-12863

...

5.4 AI score | 0.00068 EPSS
Exploits: 0
Tenable Nessus
added 2025/08/12 12:0 a.m. | 3 views

RHEL 9 : libxml2 (RHSA-2025:13677)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13677 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

7.5 CVSS | 6.6 AI score | 0.00527 EPSS
Exploits: 2 | References: 7
Tenable Nessus
added 2025/08/07 12:0 a.m. | 4 views

RHEL 7 : libxml2 (RHSA-2025:13464)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13464 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: Heap Use-After-Free in...

7.8 CVSS | 6.5 AI score | 0.00286 EPSS
Exploits: 1 | References: 4
ATTACKERKB
added 2025/06/16 3:19 p.m. | 1 views

CVE-2025-49795

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service...

7.5 CVSS | 5.8 AI score | 0.00475 EPSS
Exploits: 0 | References: 7
BDU FSTEC
added 2025/05/05 12:0 a.m. | 3 views

The vulnerability of the Python API component of the libxml2 library, which allows a hacker to trigger a denial-of-service attack.

The vulnerability of the Python API component of the libxml2 library is related to incorrect checking of the returned value from methods or functions. Exploiting this vulnerability could allow an attacker to cause service failures remotely...

7.8 CVSS | 6.7 AI score | 0.00311 EPSS
Exploits: 1 | References: 16 | Affected Software: 10
Redos
added 2025/04/24 12:0 a.m. | 62 views

ROS-20250424-07

The vulnerability of the xmlPatMatch function in the pattern.c file of the libxml2 library is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the libxml2 library is related...

7.8 CVSS | 7.9 AI score | 0.01018 EPSS
Exploits: 1
CNNVD
added 2025/02/18 12:0 a.m. | 2 views

libxml2 security vulnerability

libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 versions prior to 2.12.10 and 2.13.6, which is caused by a null pointer dereference in pattern.c. The...

7.5 CVSS | 6.3 AI score | 0.01018 EPSS
Exploits: 1 | References: 2
RedHat Linux
added 2024/05/02 2:58 p.m. | 246 views

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5 CVSS | 6.7 AI score | 0.01375 EPSS
Exploits: 3 | References: 2
BDU FSTEC
added 2023/11/11 12:0 a.m. | 4 views

The vulnerability of the Libxml2 library, related to the lack of measures taken to protect the structure of web pages, allows attackers to access confidential data and compromise its integrity.

The vulnerability of the Libxml2 library is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability can allow an attacker to gain access to confidential data and compromise its integrity...

6.4 CVSS | 6.6 AI score | 0.00749 EPSS
Exploits: 1 | References: 11 | Affected Software: 6
OSV
added 2022/12/08 6:18 p.m. | 3 views

CLSA-2022-1670523520 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XML_PARSE_HUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

7.8 CVSS | 7.2 AI score | 0.2421 EPSS
Exploits: 2 | References: 1
RedHat Linux
added 2022/03/15 10:25 a.m. | 93 views

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.5 CVSS | 6.7 AI score | 0.0601 EPSS
Exploits: 0 | References: 2
OSV
added 2022/02/26 5:15 a.m. | 0 views

UBUNTU-CVE-2022-23308

valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...

7.5 CVSS | 6.8 AI score | 0.0601 EPSS
Exploits: 0 | References: 5
BDU FSTEC
added 2021/07/07 12:0 a.m. | 2 views

The vulnerability of the `xmlEncodeEntitiesInternal` function in the `libxml2/entities.c` file of the Libxml2 library involves reading data beyond the allowed buffer limits. This allows attackers to access confidential data and also trigger a denial-of-service attack.

The vulnerability of the xmlEncodeEntitiesInternal function in the libxml2/entities.c file of the Libxml2 library is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service interruptions...

6.5 CVSS | 7.1 AI score | 0.03774 EPSS
Exploits: 1 | References: 13 | Affected Software: 5