106 matches found
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1595)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0172 Updated libxml2 packages fix a security vulnerability
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. CVE-2024-25062...
Updated libxml2 packages fix a security vulnerability
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. CVE-2024-25062...
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2024-1573)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2024-1595)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...
Oracle Linux 9 : libxml2 (ELSA-2024-2679)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2679 advisory. 2.9.13-6 - Fix CVE-2024-25062 RHEL-29196 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...
EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2024-1510)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1489)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2024-1489)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...
GHSA-VCC3-RW6F-JV97 Duplicate Advisory: Use-after-free in libxml2 via Nokogiri::XML::Reader
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xc9x-jj77-9p9j. This link is maintained to preserve external references. Original Description Summary Nokogiri upgrades its dependency libxml2 as follows: - v1.15.6 upgrades libxml2 to 2.11.7 from 2.11.6 - v1.16...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libxml2 vulnerability (USN-6658-2)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6658-2 advisory. USN-6658-1 fixed a vulnerability in libxml2. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and...
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : libxml2 vulnerability (USN-6658-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6658-1 advisory. It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to...
OESA-2024-1183 libxml2 security update
Library providing XML and HTML support. Security Fixes: An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement...
CLSA-2024-1708639232 libxml2: Fix of CVE-2024-25062
CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader interface with DTD validation and XInclude expansion enabled - test suite was partially activated...
libxml2: Fix of CVE-2024-25062
CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader interface with DTD validation and XInclude expansion enabled - test suite was partially activated...
CLSA-2024-1708639015 libxml2: Fix of CVE-2024-25062
CVE-2024-25062: Fix xmlValidatePopElement use-after-free when processing crafted XML documents with DTD validation and XInclude expansion enabled - test suite was partially enabled...
CLSA-2024-1708416911 libxml2: Fix of CVE-2024-25062
CVE-2024-25062: Fix use-after-free issue in libxml2 XML Reader interface with DTD validation and XInclude expansion enabled...
GLSA-202402-11 : libxml2: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-11 libxml2: Multiple Vulnerabilities - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in...
Use After Free
libxml2 is vulnerable to Use After Free. The vulnerability is caused due to a lack of validation within the xmlTextReader module. When parsing a crafted XML document using the XML Reader interface with DTD validation and XInclude expansion enabled, a xmlValidatePopElement use-after-free exception...
SUSE CVE-2024-25062
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...