Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2026-0989: Fixed call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving include directives bsc1256805 Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2026:0334-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2026-0989: Fixed call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving directives bsc1256805...

Nessus Network Monitor < 6.5.3 Multiple Vulnerabilities (TNS-2026-02)

According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.5.3. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-02 advisory. - A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical...

CLSA-2026-1769542154 libxml2: Fix of CVE-2022-23308

CVE-2022-23308-fix.patch: fix undefined reference to ID variable and apply upstream regression fix to CVE-2022-23308 patch...

[R1] Tenable Network Monitor Version 6.5.3 Fixes Multiple Vulnerabilities

R1 Tenable Network Monitor Version 6.5.3 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 01/27/2026 - 14:02 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components libxml2, libxslt, expat, c-ares, curl, sqlite were fou...

[R1] Tenable Network Monitor Version 6.5.3 Fixes Multiple Vulnerabilities

R1 Tenable Network Monitor Version 6.5.3 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 01/27/2026 - 14:02 Nessus Network Monitor leverages third-party software to help provide underlying functionality. Several of the third-party components libxml2, libxslt, expat, c-ares, curl, sqlite were fou...

Ubuntu: Security Advisory (USN-7974-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak

xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak...

Advisory ROSA-SA-2026-3130

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-12 affected versions libxml2-2.9.14-12 CVE-ID: CVE-2025-6021 BDU-ID: 2025-07144 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a stack-based buffer overflow...

Advisory ROSA-SA-2026-3122

software: libxml2 2.9.14 OS: ROSA-CHROME unaffected versions = libxml2-2.9.14-11 affected versions libxml2-2.9.14-11 CVE-ID: CVE-2022-49043 BDU-ID: 2025-11749 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlXIncludeAddNode function of the xinclude.c file of the libxml2 library is related to...

CLSA-2026-1768943030 libxml2: Fix of CVE-2025-9714

revert fixes for CVE-2025-9714 due to build failures due to XPath error...

OPENSUSE-SU-2026:10085-1 libxml2-16-2.14.5-2.1 on GA media

These are all security issues fixed in the libxml2-16-2.14.5-2.1 package on the GA media of openSUSE Tumbleweed...

Low: libxml2

Issue Overview: A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has be...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1360)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1360 advisory. A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads t...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : libxml2 vulnerabilities (USN-7974-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7974-1 advisory. It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog...

USN-7974-1 libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog files. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. CVE-2025-8732 It was discovered that libxml2 incorrectly handled recursive include...

K000159661: libxml2 vulnerabilities CVE-2025-32414 and CVE-2025-32415

Security Advisory Description CVE-2025-32414 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between...

[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-4.fc42

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

[SECURITY] Fedora 43 Update: mingw-libxslt-1.1.43-4.fc43

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

Azul Zulu Java Multiple Vulnerabilities (2026-01-20)

The version of Azul Zulu installed on the remote host is 6 prior to 6.77.0.12 / 7 prior to 7.83.0.12 / 8 prior to 8.91.0.12 / 11 prior to 11.85.12 / 17 prior to 17.63.12 / 21 prior to 21.47.14 / 25 prior to 25.31.14. It is, therefore, affected by multiple vulnerabilities as referenced in the...