50 matches found
MiracleLinux 4 : libxml2-2.7.6-17.1.0.1.AXS4 (AXSA:2014-724:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-724:04 advisory. Description : This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includ...
Debian: Security Advisory (DLA-151-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K15872: libxml2 vulnerability CVE-2014-3660
Security Advisory Description parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of...
SUSE: Security Advisory (SUSE-SU-2014:1440-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0003-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM BladeCenter Advanced Management Module is affected by libxml2 vulnerabilities (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660)
Summary Security vulnerabilities libxml2 affect IBM BladeCenter Advanced Management Module. Vulnerability Details Summary Security vulnerabilities libxml2 affect IBM BladeCenter Advanced Management Module. Vulnerability Details: CVE-ID: CVE-2014-0191 Description: Libxml2 is vulnerable to a denial...
OracleVM 3.2 : libxml2 (OVMSA-2016-0063)
The remote OracleVM system is missing necessary patches to address critical security updates : - Add libxml2-enterprise.patch - Replaced doc/redhat.gif in tarball with updated image - CVE-2014-3660 denial of service via recursive entity expansion rhbz1161841 - fixed one regexp bug and added a...
Oracle: Security Advisory (ELSA-2015-2550)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-06
Gentoo Linux Local Security Checks GLSA 201412-06 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
OracleVM 3.3 : libxml2 (OVMSA-2015-0097)
The remote OracleVM system is missing necessary patches to address critical security updates : - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball - CVE-2015-1819 Enforce the reader to run in constant memoryrhbz1214163 - Stop parsing on entities...
Oracle Linux 6 : libxml2 (ELSA-2015-1419)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1419 advisory. - CVE-2015-1819 Enforce the reader to run in constant memoryrhbz1214163 - Fix missing entities after CVE-2014-3660 fix rhbz1149086 - CVE-2014-3660 denial of...
Fedora Update for libxml2 FEDORA-2015-4658
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : libxml2-2.9.1-7.fc21 (2015-4658)
fixes built in also added a couple of other entities related patches including a fix to CVE-2014-3660 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
[SECURITY] [DSA 3057-2] libxml2 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3057-2] libxml2 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...
Mandriva Linux Security Advisory : libxml2 (MDVSA-2015:111)
Updated libxml2 packages fix security vulnerabilities : It was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote...
libxml2 security update
2.9.1-5.0.1.el71.2 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.9.1-5.2 - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities rhbz1195649 - Fix regressions introduced by CVE-2014-0191 patch...
Debian DLA-151-1 : libxml2 security update
It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity substitution or validation is enabled. In addition, this update addresses a regression introduced in DSA 3057 b...
Debian DLA-80-1 : libxml2 security update
Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption denial of service...
DLA-151-1 libxml2 - security update
Bulletin has no description...