Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

...

Libxml2: stack buffer overflow in xmllint interactive shell command handling

...

RHEL 9 : libxml2 (RHSA-2025:12099)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12099 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

RHEL 9 : libxml2 (RHSA-2025:12199)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12199 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

RHEL 8 : libxml2 (RHSA-2025:12098)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12098 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

CVE-2025-49796 affecting package libxml2 for versions less than 2.11.5-6

CVE-2025-49796 affecting package libxml2 for versions less than 2.11.5-6. A patched version of the package is available...

CVE-2025-49794 affecting package libxml2 for versions less than 2.11.5-6

CVE-2025-49794 affecting package libxml2 for versions less than 2.11.5-6. A patched version of the package is available...

CVE-2025-6021 affecting package libxml2 for versions less than 2.11.5-6

CVE-2025-6021 affecting package libxml2 for versions less than 2.11.5-6. A patched version of the package is available...

CVE-2025-6170 affecting package libxml2 for versions less than 2.11.5-6

CVE-2025-6170 affecting package libxml2 for versions less than 2.11.5-6. A patched version of the package is available...

Debian: Security Advisory (DLA-4251-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-4251 : libxml2 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4251 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4251-1 [email protected]...

[SECURITY] [DLA 4251-1] libxml2 security update

Debian LTS Advisory DLA-4251-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin July 26, 2025 https://wiki.debian.org/LTS Package : libxml2 Version : 2.9.10+dfsg-6.7+deb11u8 CVE ID : CVE-2024-34459 CVE-2025-6021 CVE-2025-6170 CVE-2025-49794 CVE-2025-49796 Debian Bug...

DLA-4251-1 libxml2 - security update

Bulletin has no description...

OESA-2025-1901 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

OESA-2025-1900 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

NewStart CGSL MAIN 7.02 : libxml2 Multiple Vulnerabilities (NS-SA-2025-0106)

The remote NewStart CGSL host, running version MAIN 7.02, has libxml2 packages installed that are affected by multiple vulnerabilities: - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value...

libxml2: Fix of 2 CVEs

CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...

The vulnerability of the xmlSchematronFormatReport() function in the Schematron Schema Report component of the libxml2 library allows a attacker to trigger a service failure.

The vulnerability of the xmlSchematronFormatReport function in the Schematron Schema Report component of the libxml2 library is related to the use of a null pointer during the processing of XPath expressions. Exploiting this vulnerability could allow an attacker to cause service failures by sendi...

CLSA-2025-1753303283 libxml2: Fix of 2 CVEs

CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...

CLSA-2025-1753298447 libxml2: Fix of 2 CVEs

CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements - CVE-2025-49796: fix memory corruption issue triggered by processing sch:name elements in input XML file...