6887 matches found

OSV
added 2025/12/08 5:57 p.m. | 2 views

GHSA-C4CC-X928-VJW9 robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation

Summary: An authentication bypass vulnerability exists due to a flaw in the libxml2 canonicalization process, which is used by xmlseclibs during document transformation. This weakness allows an attacker to generate a valid signature once and reuse it indefinitely. In practice, a signature created...

CVSS 6 | AI score 7 | EPSS 0.00032
Exploits 1 | References 5

Github Security Blog
added 2025/12/08 5:57 p.m. | 7 views

robrichards/xmlseclibs has an Libxml2 Canonicalization error which can bypass Digest/Signature validation

Summary: An authentication bypass vulnerability exists due to a flaw in the libxml2 canonicalization process, which is used by xmlseclibs during document transformation. This weakness allows an attacker to generate a valid signature once and reuse it indefinitely. In practice, a signature created...

CVSS 7.5 | AI score 7.1 | EPSS 0.00032
Exploits 1 | References 5 | Affected Software 1

RubySec
added 2025/12/08 12:0 a.m. | 5 views

Ruby-saml allows a Libxml2 Canonicalization error to bypass Digest/Signature validation

Summary: In Ruby-saml up to and including 1.12.4, there is an authentication bypass vulnerability because of an issue in the libxml2 canonicalization process used by Nokogiri for document transformation. That allows an attacker to execute a Signature Wrapping attack. The vulnerability does not...

CVSS 9.3 | AI score 7 | EPSS 0.00048
Exploits 0 | References 1 | Affected Software 1

OSV
added 2025/12/05 6:10 p.m. | 3 views

CLSA-2025-1764958229 libxml2: Fix of CVE-2025-27113

CVE-2025-27113: fix NULL pointer dereference in xmlPatMatch in pattern.c...

CVSS 7.5 | AI score 6.7 | EPSS 0.00094
Exploits 1 | References 1

Tenable Nessus
added 2025/12/04 12:0 a.m. | 2 views

RHEL 9 : libxml2 (RHSA-2025:22162)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22162 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite...

CVSS 6.2 | AI score 5 | EPSS 0.00012
Exploits 0 | References 5

Tenable Nessus
added 2025/12/04 12:0 a.m. | 2 views

AlmaLinux 9 : libxml2 (ALSA-2025:22376)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22376 advisory. libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description block...

CVSS 6.2 | AI score 4.8 | EPSS 0.00012
Exploits 0 | References 3

Tenable Nessus
added 2025/12/04 12:0 a.m. | 5 views

RHEL 9 : libxml2 (RHSA-2025:22163)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22163 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite...

CVSS 6.2 | AI score 5 | EPSS 0.00012
Exploits 0 | References 5

Tenable Nessus
added 2025/12/03 12:0 a.m. | 3 views

Ubuntu 14.04 LTS : libxml2 vulnerabilities (USN-7896-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7896-1 advisory. It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use this issue to cause libxml2 ...

CVSS 7.8 | AI score 7 | EPSS 0.00192
Exploits 3 | References 4

Tenable Nessus
added 2025/12/03 12:0 a.m. | 4 views

RHEL 9 : libxml2 (RHSA-2025:22377)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22377 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite...

CVSS 6.2 | AI score 5 | EPSS 0.00012
Exploits 0 | References 5

Tenable Nessus
added 2025/12/03 12:0 a.m. | 3 views

RHEL 9 : libxml2 (RHSA-2025:22376)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22376 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite...

CVSS 6.2 | AI score 5 | EPSS 0.00012
Exploits 0 | References 5

Tenable Nessus
added 2025/12/03 12:0 a.m. | 2 views

RHEL 9 : libxml2 (RHSA-2025:22177)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22177 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite...

CVSS 6.2 | AI score 5 | EPSS 0.00012
Exploits 0 | References 5

Rosalinux
added 2025/12/02 1:20 p.m. | 5 views

Advisory ROSA-SA-2025-3097

Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-18.rv3.2 CVE-ID: CVE-2023-39615 BDU-ID: 2023-05968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlsax2startelement function of the libxml2 library is caused by a buffer overflow. Exploitation of the...

CVSS 8.1 | AI score 8.9 | EPSS 0.00222
Exploits 4

Rosalinux
added 2025/12/02 1:16 p.m. | 7 views

Advisory ROSA-SA-2025-3085

Software: libxml2 2.9.1 OS: rosa-server79 unaffected versions = libxml2-2.9.1-6.0.11.res7.6 affected versions libxml2-2.9.1-6.0.11.res7.6 CVE-ID: CVE-2025-6021 BDU-ID: 2025-07144 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...

CVSS 9.1 | AI score 8.8 | EPSS 0.02116
Exploits 4

OSV
added 2025/12/02 9:4 a.m. | 5 views

RLSA-2025:22376 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 For more details about the security issues, including the impact, a CVSS...

CVSS 6.2 | AI score 6.8 | EPSS 0.00012
Exploits 0 | References 2

Rockylinux
added 2025/12/02 9:4 a.m. | 2 views

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libxml2 library is a development toolbox providing the implementation of...

CVSS 6.2 | AI score 4.8 | EPSS 0.00012
Exploits 0

Tenable Nessus
added 2025/12/02 12:0 a.m. | 4 views

Oracle Linux 9 : libxml2 (ELSA-2025-22376)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22376 advisory. 2.9.13-14 - Rebuilt for the correct target in RHEL 9.7-z RHEL-119283 2.9.13-13 - Fix CVE-2025-9714 RHEL-119283 Tenable has extracted the preceding description...

CVSS 6.2 | AI score 4.9 | EPSS 0.00012
Exploits 0 | References 2

Tenable Nessus
added 2025/12/02 12:0 a.m. | 1 views

RockyLinux 9 : libxml2 (RLSA-2025:22376)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22376 advisory. libxslt: libxml2: Infinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description block...

CVSS 6.2 | AI score 4.8 | EPSS 0.00012
Exploits 0 | References 3

Packet Storm
added 2025/12/02 12:0 a.m. | 172 views

📄 libxml2 2.9.14 (2022) Heap Buffer Overflow

libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. Title: libxml2 2.9.14...

CVSS 7.5 | AI score 7.2 | EPSS 0.00165
Exploits 3

OSV
added 2025/12/01 10:4 a.m. | 3 views

RHSA-2025:22377 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

CVSS 6.2 | AI score 6.9 | EPSS 0.00012
Exploits 0 | References 9

OSV
added 2025/12/01 10:4 a.m. | 3 views

RHSA-2025:22376 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

CVSS 6.2 | AI score 6.9 | EPSS 0.00012
Exploits 0 | References 9