255 matches found
OESA-2025-1525 glib2 security update
GLib is a bundle of three formerly five low-level system libraries written in C and developed mainly by GNOME. GLib's code was separated from GTK, so it can be used by software other than GNOME and has been developed in parallel ever since. Security Fixes: A flaw was found in GLib. An integer...
Medium: libxml2
Issue Overview: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-963)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-963 advisory. In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead...
Azure Linux 3.0 Security Update: libsoup (CVE-2025-32050)
The version of libsoup installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32050 advisory. - A flaw was found in libsoup. The libsoup appendparamquoted function May contain an overflow bug resulting i...
CBL Mariner 2.0 Security Update: libsoup (CVE-2025-32050)
The version of libsoup installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32050 advisory. - A flaw was found in libsoup. The libsoup appendparamquoted function May contain an overflow bug resulting i...
libsoup: Integer overflow in append_param_quoted
A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read...
SUSE SLED15: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-devel-32bit / etc (SUSE-SU-2025:1438-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1438-1 advisory. - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 -...
SUSE-SU-2025:1440-1 Security update for libxml2
This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...
SUSE-SU-2025:1439-1 Security update for libxml2
This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453 Patch Instructions: To install this SUSE update use...
SUSE-SU-2025:1438-1 Security update for libxml2
This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...
Heap-based Buffer Under-read
libxml2.so is vulnerable to a Heap-based buffer under-read. The vulnerability is due to improper handling of identity constraints in the XML schema processing, specifically in the xmlSchemaIDCFillNodeTables function in xmlschemas.c, allows a heap-based buffer under-read when certain identity...
libxml2 < 2.13.8 / 2.14.x < 2.14.2 Multiple Vulnerabilities (macOS)
The version of libxml2 installed on the remote host is affected by multiple vulnerabilities. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and...
[SECURITY] [DLA 4140-1] libsoup2.4 security update
Debian LTS Advisory DLA-4140-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson April 27, 2025 https://wiki.debian.org/LTS Package : libsoup2.4 Version : 2.72.0-2+deb11u2 CVE ID : CVE-2025-2784 CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906...
Buffer Under-read
Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Buffer Under-read in the xmlSchemaIDCFillNodeTables function. An attacker can cause partial denial of service by by validating a malicious XML document against an XML schema usin...
CVE-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
CVE-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
CVE-2025-32415
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
SUSE CVE-2025-3360
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...
CVE-2025-3360
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the gdatetimenewfromiso8601 function...