3 matches found
JLSEC-2026-468
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...
OPENSUSE-SU-2024:11678-1 velocity-custom-parser-example-2.2-1.1 on GA media
These are all security issues fixed in the velocity-custom-parser-example-2.2-1.1 package on the GA media of openSUSE Tumbleweed...
Gemalto's HASP SRM custom XML-parser stack overflow vulnerability
Gemalto is a global leader in digital security, specializing in financial IC cards, payment security, mobile payment solutions, cloud authentication access services, identity and privacy protection, e-healthcare, e-government and other services. A stack overflow vulnerability exists in Gemalto's...