RHEL 7 : libxml2 (RHSA-2025:12240)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12240 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-49796)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49796 advisory. - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can...

RHEL 8 : libxml2 (RHSA-2025:12241)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12241 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-6021)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6021 advisory. - A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations ca...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

CVE-2025-6021 affecting package libxml2 for versions less than 2.10.4-8

CVE-2025-6021 affecting package libxml2 for versions less than 2.10.4-8. A patched version of the package is available...

CVE-2025-6170 affecting package libxml2 for versions less than 2.10.4-8

CVE-2025-6170 affecting package libxml2 for versions less than 2.10.4-8. A patched version of the package is available...

CVE-2025-49794 affecting package libxml2 for versions less than 2.10.4-8

CVE-2025-49794 affecting package libxml2 for versions less than 2.10.4-8. A patched version of the package is available...

CVE-2025-49796 affecting package libxml2 for versions less than 2.10.4-8

CVE-2025-49796 affecting package libxml2 for versions less than 2.10.4-8. A patched version of the package is available...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

RLSA-2025:2679 Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Use-After-Free in libxml2 CVE-2024-56171 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 CVE-2025-24928 For more details about the security issues,...

RLSA-2025:8958 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds Read in libxml2 CVE-2025-32414 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...