CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

AZL-74786 CVE-2026-0989 affecting package libxml2 2.11.5-9

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

UBUNTU-CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

EUVD-2026-2796

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

CVE-2026-0989

CVE-2026-0989 concerns a flaw in the RelaxNG parser in libxml2 where external schema inclusions can cause unbounded recursion, leading to stack exhaustion and denial-of-service crashes. The connected documents confirm this issue across multiple distributions (e.g., Amazon Linux 2/ALAS advisories,...

CVE-2022-0673

A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...

PT-2026-3017

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description The RelaxNG parser in libxml2 does not limit the depth of external schema inclusions when resolving nested directives. This can lead to excessive recursion during parsing with specially craft...

EUVD-2022-1014

Malicious code in bioql PyPI...

CVE-2025-30220 GeoTools, GeoServer, and GeoNetwork XML External Entity (XXE) Processing Vulnerability in XSD schema handling

GeoServer is an open source server that allows users to share and edit geospatial data. GeoTools Schema class use of Eclipse XSD library to represent schema data structure is vulnerable to XML External Entity XXE exploit. This impacts whoever exposes XML processing with gt-xsd-core involved in...

CVE-2022-0673

A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...

Directory traversal

A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...

CVE-2022-0673

A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal...

LemMinX 路径遍历漏洞

LemMinX is an open source Xml language server from the Eclipse Foundation. It can be used with any editor that supports the protocol, thus providing good support for the Xml language. A security vulnerability exists in LemMinX that stems from a directory traversal flaw found in versions of LemMin...