Lucene search
K

214 matches found

OSV
OSV
added 2025/02/03 11:13 p.m.11 views

MGASA-2025-0034 Updated libxml2 packages fix security vulnerability

xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. CVE-2022-49043...

8.1CVSS7.9AI score0.00257EPSS
Exploits0References3
OSV
OSV
added 2025/02/03 4:33 p.m.11 views

SUSE-SU-2025:0341-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. bsc1236460...

8.1CVSS7.9AI score0.00257EPSS
Exploits0References3
OSV
OSV
added 2025/01/30 2:49 p.m.13 views

SUSE-SU-2025:0300-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. bsc1236460...

8.1CVSS7.9AI score0.00257EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/01/01 12:0 a.m.6 views

Fedora 40 : libxml2 (2024-9f3765a04b)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9f3765a04b advisory. Update to 2.12.9 Fixes CVE-2024-40896 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...

9.1CVSS7.1AI score0.01192EPSS
Exploits0References2
OSV
OSV
added 2024/09/12 8:18 p.m.15 views

RHSA-2024:3625 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

7.5CVSS7.8AI score0.01364EPSS
Exploits3References9
Debian
Debian
added 2024/09/05 3:13 p.m.10 views

[SECURITY] [DLA 3878-1] libxml2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3878-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 05, 2024 https://wiki.debian.org/LTS -...

7.5CVSS6.8AI score0.02462EPSS
Exploits2
OSV
OSV
added 2024/06/15 12:0 a.m.15 views

OPENSUSE-SU-2024:13192-1 libxml2-2-2.10.4-3.1 on GA media

These are all security issues fixed in the libxml2-2-2.10.4-3.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS7.3AI score0.00667EPSS
Exploits1References1
OSV
OSV
added 2024/05/29 11:7 a.m.4 views

SUSE-SU-2024:0556-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader bsc1219576...

7.5CVSS7.7AI score0.01364EPSS
Exploits3References3
OSV
OSV
added 2024/05/09 2:40 a.m.7 views

MGASA-2024-0172 Updated libxml2 packages fix a security vulnerability

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. CVE-2024-25062...

7.5CVSS7.6AI score0.01364EPSS
Exploits3References3
OSV
OSV
added 2023/11/23 8:35 a.m.3 views

SUSE-SU-2023:4537-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode in tree.c bsc1216129...

6.5CVSS6.7AI score0.00826EPSS
Exploits0References3
OSV
OSV
added 2023/10/22 9:4 p.m.5 views

MGASA-2023-0298 Updated libxml2 packages fix a security vulnerability

libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. CVE-2023-45322...

6.5CVSS6.6AI score0.00826EPSS
Exploits0References3
OSV
OSV
added 2023/10/16 7:13 p.m.6 views

SUSE-SU-2023:3666-2 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768...

6.5CVSS7AI score0.00667EPSS
Exploits1References3
OSV
OSV
added 2023/09/30 7:15 p.m.9 views

MGASA-2023-0279 Updated libxml2 packages fix a security vulnerability

The updated packages fix a security vulnerability: Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. CVE-2023-39615...

6.5CVSS6.5AI score0.00667EPSS
Exploits1References4
OSV
OSV
added 2023/09/20 9:2 a.m.10 views

SUSE-SU-2023:3699-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768...

6.5CVSS7AI score0.00667EPSS
Exploits1References3
OSV
OSV
added 2023/09/18 7:52 p.m.4 views

SUSE-SU-2023:3666-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768...

6.5CVSS7AI score0.00667EPSS
Exploits1References3
OSV
OSV
added 2023/05/06 6:19 p.m.7 views

MGASA-2023-0157 Updated libxml2 packages fix security vulnerability

NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code...

7.5CVSS7AI score0.02462EPSS
Exploits2References5
Debian
Debian
added 2023/04/30 11:0 a.m.27 views

[SECURITY] [DLA 3405-1] libxml2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3405-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz April 30, 2023 https://wiki.debian.org/LTS -...

6.5CVSS8AI score0.01086EPSS
Exploits1
OSV
OSV
added 2023/04/27 9:31 a.m.5 views

SUSE-SU-2023:2054-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed inconsistent result when hashing empty strings bsc1210412. - CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType bsc1210411...

6.5CVSS6.8AI score0.01086EPSS
Exploits1References5
OSV
OSV
added 2023/04/26 7:6 p.m.5 views

SUSE-SU-2023:2048-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed inconsistent result when hashing empty strings bsc1210412. - CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType bsc1210411. - CVE-2022-29824: Fixed integer overflow leading to out-of-bounds write ...

6.5CVSS6.4AI score0.0363EPSS
Exploits6References10
AlpineLinux
AlpineLinux
added 2023/04/24 12:0 a.m.47 views

CVE-2023-29469

An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...

6.5CVSS6.9AI score0.01013EPSS
Exploits0
Rows per page
Query Builder