MiracleLinux 9 : libxml2-2.9.13-3.el9 (AXSA:2023-4863:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4863:02 advisory. libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 Tenable has...

libxml2: dict corruption caused by entity reference cycles

A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted resulting in logic errors, including memory errors like double free...

CLSA-2022-1670523520 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670523403 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670522857 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670521677 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670518262 Fix CVE(s): CVE-2022-40303, CVE-2022-40304

SECURITY UPDATE: Integer overflows with XMLPARSEHUGE - debian/patches/CVE-2022-40303.patch: Impose size limits when XMLPARSEHUGE is set and add length checks to core parser functions - CVE-2022-40303 SECURITY UPDATE: Dict corruption caused by entity reference cycles -...

Mageia: Security Advisory (MGASA-2022-0412)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated libxml2 packages fix security vulnerability

Integer overflows with XMLPARSEHUGE. CVE-2022-40303 Dict corruption caused by entity reference cycles. CVE-2022-40304...

MGASA-2022-0412 Updated libxml2 packages fix security vulnerability

Integer overflows with XMLPARSEHUGE. CVE-2022-40303 Dict corruption caused by entity reference cycles. CVE-2022-40304...

[SECURITY] [DSA 5271-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5271-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 05, 2022 https://www.debian.org/security/faq -...