RHEL 6 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

RHEL 7 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Missing validation for external entities in xmlParsePEReference CVE-2017-7375 - The...

RHEL 7 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Missing validation for external entities in xmlParsePEReference CVE-2017-7375 - libxml2:...

RHEL 5 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

Security Bulletin: Vulnerabilities in libxml2 affect IBM BladeCenter Advanced Management Module (AMM) (CVE-2017-7376, CVE-2017-7375, CVE-2017-5969, CVE-2017-0663)

Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in libxml2. Vulnerability Details Summary IBM BladeCenter Advanced Management Module AMM has addressed the following vulnerabilities in libxml2. Vulnerability Details CVEID: CVE-2017-7376 Descriptio...

Ubuntu: Security Advisory (USN-3424-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2701-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1070)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1336)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1089)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.5.0 : libxml2 (EulerOS-SA-2018-1336)

According to the version of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A flaw in libxml2 allows remote XML entity inclusion with default parser flags i.e., when the caller did not request entity...

Security Bulletin: Rational Systems Tester is affected by Libxml2 vulnerabilities CVE-2016-9318, CVE-2017-5969, CVE-2017-7375 and CVE-2017-8872

Summary A new Libxml2 vulnerability was disclosed by the Libxml2 Project. Libxml2 is used by Rational Systems Tester. Rational Systems Tester has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2016-9318 DESCRIPTION: Llibxml2 could allow a remote attacker to obtain sensitive...

Security Bulletin: IBM Streams may be affected by XMLsoft Libxml2 vulnerabilities

Summary The libxml2 library, used by IBM Streams may have security vulnerabilities. IBM Streams has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2017-7376 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by the incorrect limit used when calculating the port val...

CVE-2017-7375

CVE-2017-7375 describes a flaw in the libxml2 parser that allows remote XML entity inclusion when default parser flags are used (no substitution/validation/DTD loading). This XXE can cause access to local files or remote resources (HTTP/FTP) depending on context, potentially expanding the attacke...

Updated libxml2 & perl-XML-LibXML packages fix security vulnerabilities

Use-after-free error could lead to crash CVE-2016-4658. Use-after-free vulnerability in libxml2 through 2.9.4 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function CVE-2016-5131. libxml2 2.9.4 and earli...

USN-3424-1: libxml2 vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code...

Remote Code Execution (RCE)

The nokogiri gem is susceptible to Remote Code Execution RCE. These vulnerabilities are possible because the gem contains a version of the libxml2 C package which is affected by CVE-2017-7375 and CVE-2017-7376 respectively. These vulnerabilities allow a malicious user to pass a XML file to execut...

Ubuntu 14.04 LTS / 16.04 LTS : libxml2 vulnerabilities (USN-3424-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3424-1 advisory. It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause...

[SECURITY] [DSA 3952-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3952-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 23, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3952-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3952-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 23, 2017 https://www.debian.org/security/faq -...