4211 matches found
CVE-2025-12863
Rejected reason: This CVE was assigned for a libxml2 issue1012 but later deemed not valid. Ref.: https://gitlab.gnome.org/GNOME/libxml2/-/issues/1012note2608283...
UBUNTU-CVE-2025-12863
A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...
CVE-2025-12863
CVE-2025-12863 entry is rejected/not used and does not represent an active vulnerability.
CVE-2025-12863
...
CVE-2025-12863
...
CVE-2025-12863
Removed by vendor...
EUVD-2025-38299
A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...
CVE-2025-12863
A flaw was found in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory regi...
PT-2025-45506
Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description A flaw exists in the xmlSetTreeDoc function of the libxml2 XML parsing library. This function manages document pointers during XML node movements between documents. Improper handling of...
编号撤回
libxml2 is a GNOME open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. A resource management error vulnerability exists in libxml2, which stems from an improper handling of namespace references in the xmlSetTreeDoc function,...
CVE-2025-64171
A cross-namespace authorization flaw has been identified in the MARIN3R operator’s DiscoveryServiceCertificate resource. The flaw occurs because the operator mistakenly treats certain inputs as valid, bypassing Kubernetes Role-Based Access Control RBAC. When a user has permission to create...
CVE-2025-64171
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
EUVD-2025-37859
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171
CVE-2025-64171 MARIN3R is a cross-namespace secret access vulnerability in the MARIN3R operator. In versions ≤ 0.13.3, DiscoveryServiceCertificate could bypass RBAC, allowing a user who can create DiscoveryServiceCertificate resources in one namespace to indirectly read Secrets in other namespace...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
CVE-2025-64171 MARIN3R: Cross-Namespace Vulnerability in the Operator
MARIN3R is a lightweight, CRD based envoy control plane for kubernetes. In versions 0.13.3 and below, there is a cross-namespace secret access vulnerability in the project's DiscoveryServiceCertificate which allows users to bypass RBAC and access secrets in unauthorized namespaces. This issue is...
marin3r 安全漏洞
marin3r is a lightweight CRD-based kubernetes control panel open-sourced by Red Hat 3scale SRE. A security vulnerability exists in marin3r 0.13.3 and earlier versions, which stems from a cross-namespace secret access vulnerability in DiscoveryServiceCertificate that could lead to bypassing RBAC a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990529)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990529 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unregister flowtable hooks on netns exit Unregister flowtable hooks before...
CLSA-2025-1762244592 kernel: Fix of 5 CVEs
ext4: fix possible UAF when remounting r/o a mmp-protected file system CVE-2021-47342 - ext4: fix memory leak in ext4fillsuper - net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - net/sched: schqfq: Fix race condition on qfqaggregate CVE-2025-38477 - ALSA: usb-audio: Fix an...