180 matches found
OESA-2025-1536 libxml2 security update
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
Medium: libxml2
Issue Overview: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
USN-7467-2: libxml2 vulnerabilities
USN-7467-1 fixed several vulnerabilities in libxml2. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use thi...
USN-7467-2 libxml2 vulnerabilities
USN-7467-1 fixed several vulnerabilities in libxml2. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use thi...
USN-7467-1: libxml2 vulnerabilities
It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service. CVE-2025-32414 It was discovered that libxml2 incorrectly handled certain memory operations. A remot...
USN-7467-1 libxml2 vulnerabilities
It was discovered that the libxml2 Python bindings incorrectly handled certain return values. An attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service. CVE-2025-32414 It was discovered that libxml2 incorrectly handled certain memory operations. A remot...
OESA-2025-1458 libxml2 security update
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
SUSE CVE-2025-32414
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
DEBIAN-CVE-2025-32414
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
AZL-59740 CVE-2025-32414 affecting package libxml2 for versions less than 2.11.5-5
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
UBUNTU-CVE-2025-32414
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
PT-2025-14373 · Crates.Io · Pyo3
PyString::from object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read by raising a Python exceptio...
Security update for SUSE Manager Client Tools
This update fixes the following issues: salt: Revert setting SELinux context for minion service bsc1233667 Removed System V init support Fix the condition of alternatives for Tumbleweed and Leap 16 Build all python bindings for all flavors Make minion reconnecting on changing master IP bsc1228182...
Build corruption when using `PYO3_CONFIG_FILE` environment variable
In PyO3 0.23.0 the PYO3CONFIGFILE environment variable used to configure builds regressed such that changing the environment variable would no longer trigger PyO3 to reconfigure and recompile. In combination with workflows using tools such as maturin to build for multiple versions in a single...
PT-2024-40924 · Pypi · Pyo3
Name of the Vulnerable Software and Affected Versions: PyO3 versions prior to 0.23 Description: The family of functions to read "borrowed" values from Python weak references were fundamentally unsound due to the weak reference not having ownership of the value. This could lead to a dangling...
Fedora: Security Advisory for python-pyqt6 (FEDORA-2024-bfb8617ba3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: python-qt5-5.15.10-6.fc40
PyQt5 is Python bindings for Qt5...
CVE-2024-34359
llama-cpp-python is the Python bindings for llama.cpp. llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The init constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUM...
CVE-2024-34359 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata
llama-cpp-python is the Python bindings for llama.cpp. llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The init constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUM...
Ubuntu 20.04 LTS : UltraJSON vulnerabilities (USN-6629-3)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6629-3 advisory. USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. Tenable has extracted the preceding...