[SECURITY] [DLA 4622-1] libxml2 security update

Debian LTS Advisory DLA-4622-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin June 08, 2026 https://wiki.debian.org/LTS Package : libxml2 Version : 2.9.10+dfsg-6.7+deb11u10 CVE ID : CVE-2025-8732 CVE-2026-0989 CVE-2026-0990 CVE-2026-0992 CVE-2026-1757 Debian Bug :...

EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2026-2055)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not...

AIX : Multiple Vulnerabilities (IJ58122)

The version of AIX installed on the remote host is prior to APAR IJ58122. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58122 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

AIX : Multiple Vulnerabilities (IJ58140)

The version of AIX installed on the remote host is prior to APAR IJ58140. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ58140 advisory. - A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD...

Security Bulletin: Vulnerabilities in libxml2 (CVE-2026-0989, CVE-2026-0990, CVE-2026-0992) affect AIX

Summary Vulnerabilities in libxml2 could cause a denial of service CVE-2026-0989, CVE-2026-0990, CVE-2026-0992. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2026-6732 DESCRIPTION: A flaw was found in libxml2. This vulnerability occurs when the library...

OESA-2026-1598 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2026-1252)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain...

SUSE-SU-2026:0570-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807, bsc1256811 - CVE-2026-0992: Fixed an excessive resource consumption when processing XML catalogs due to...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1396)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1396 advisory. A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry...

Medium: libxml2

Issue Overview: A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issu...

PT-2026-3018

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description An uncontrolled recursion issue exists in libxml2, an XML parsing library, specifically within the xmlCatalogXMLResolveURI function. This occurs when an XML catalog includes a delegate URI...

CVE-2025-8732

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

SUSE CVE-2022-48545

An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02...