Lucene search
+L

59 matches found

EUVD
EUVD
added 2026/01/15 2:20 p.m.4 views

EUVD-2026-2796

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS6.1AI score0.00419EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/15 2:20 p.m.6 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS6.2AI score0.00419EPSS
Exploits1References4
CVE
CVE
added 2026/01/15 2:20 p.m.63 views

CVE-2026-0989

CVE-2026-0989 concerns a flaw in the RelaxNG parser in libxml2 where external schema inclusions can cause unbounded recursion, leading to stack exhaustion and denial-of-service crashes. The connected documents confirm this issue across multiple distributions (e.g., Amazon Linux 2/ALAS advisories,...

3.7CVSS6.2AI score0.00419EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/01/15 2:20 p.m.42 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS0.00419EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/01/15 2:20 p.m.6 views

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS4.4AI score0.00419EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/01/15 2:20 p.m.1 views

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS5.6AI score0.00419EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2026/01/15 2:20 p.m.5 views

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS5.8AI score0.00419EPSS
Exploits1References4
OSV
OSV
added 2026/01/15 2:20 p.m.1 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS5.9AI score0.00419EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2026/01/15 2:20 p.m.6 views

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS6.6AI score0.00419EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

libxml2 security vulnerability

Libxml2 is an open-source library from GNOME that is used for parsing XML documents. It is written in C language and can be called by various languages, such as C, C++, and XSH. Libxml2 has a security vulnerability; this vulnerability stems from the RelaxNG parser’s failure to limit the depth of...

3.7CVSS5.8AI score0.00419EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-0989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion...

3.7CVSS6.1AI score0.00419EPSS
Exploits1References2
Snyk
Snyk
added 2026/01/15 12:0 a.m.6 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the RelaxNG schema inclusion process. An attacker can cause stack exhaustion and application crashes by supplying maliciously crafted or deeply nested schema files that trigger unbounded recursion during...

6.3CVSS5.8AI score0.00419EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.6 views

PT-2026-3017

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description The RelaxNG parser in libxml2 does not limit the depth of external schema inclusions when resolving nested directives. This can lead to excessive recursion during parsing with specially craft...

5.9CVSS5.8AI score0.00755EPSS
Exploits4References84
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.14 views

Fedora: Security Advisory for relaxng-datatype-java (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02578EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.29 views

[SECURITY] Fedora 40 Update: relaxng-datatype-java-2011.1-4.fc40

Interface between RELAX NG validators and datatype libraries...

8.8CVSS6.9AI score0.02578EPSS
Exploits3
Fedora
Fedora
added 2022/09/24 12:16 a.m.50 views

[SECURITY] Fedora 37 Update: python-lxml-4.9.1-1.fc37

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree It extends the ElementTree API significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, C14N and much more...

7.5CVSS6.7AI score0.02462EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/09/19 12:0 a.m.12 views

Fedora: Security Advisory for python-lxml (FEDORA-2022-ed0eeb6a20)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.8AI score0.02462EPSS
Exploits1References2
Fedora
Fedora
added 2022/09/18 1:16 a.m.40 views

[SECURITY] Fedora 36 Update: python-lxml-4.7.1-3.fc36

lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It provides safe and convenient access to these libraries using the ElementTree It extends the ElementTree API significantly to offer support for XPath, RelaxNG, XML Schema, XSLT, C14N and much more.To contact the project, ...

7.5CVSS6.7AI score0.02462EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/01/23 12:0 a.m.17 views

Fedora: Security Advisory for python-lxml (FEDORA-2022-7129fbaeed)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS7.3AI score0.02456EPSS
Exploits0References2
Rows per page
Query Builder