AlmaLinux 8 : libxml2 (ALSA-2025:8958)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8958 advisory. libxml2: Out-of-Bounds Read in libxml2 CVE-2025-32414 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note tha...

Security Bulletin: IBM Storage Ceph is vulnerable to Use After Free in the RHEL UBI (CVE-2024-25062, CVE-2023-39615, CVE-2023-45322)

Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-25062, CVE-2023-39615, CVE-2023-45322. Vulnerability Details CVEID:CVE-2024-25062 DESCRIPTION: GNOME libxml2 is vulnerable t...

OESA-2025-1704 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

OESA-2025-1703 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

OESA-2025-1702 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Debian: Security Advisory (DSA-5949-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dsa-5949 : libxml2 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5949 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5949-1 [email protected] https://www.debian.org/securit...

DSA-5949-1 libxml2 - security update

Bulletin has no description...

Photon OS 4.0: Libxml2 PHSA-2025-4.0-0821

An update of the libxml2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0821. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

[SECURITY] [DSA 5949-1] libxml2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5949-1 [email protected] https://www.debian.org/security/ Aron Xu June 26, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

Amazon Linux 2 : libxml2 (ALAS-2025-2893)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2893 advisory. A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based...

Alibaba Cloud Linux 3 : 0091: libxml2 (ALINUX3-SA-2025:0091)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0091 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-32414: In libxml2 before 2.13.8 and 2.14.x...

Important Photon OS Security Update - PHSA-2025-4.0-0821

Updates of 'libxml2', 'gobgp' packages of Photon OS have been released...

Important: libxml2

Issue Overview: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Affected Packages:...

Important: libxml2

Issue Overview: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Affected Packages:...

Important: libxml2

Issue Overview: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Affected Packages:...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-1019)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1019 advisory. A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a deni...

Important: libxml2

Issue Overview: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Affected Packages:...

Security Bulletin: IBM Security Guardium is affected by Open Source libxml2 vulnerabilities

Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-9050 DESCRIPTION: libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictAddString function in dict.c. By sending a specially-crafted...

[ASA-202506-7] libxml2: denial of service

Arch Linux Security Advisory ASA-202506-7 ========================================= Severity: High Date : 2025-06-18 CVE-ID : CVE-2025-6021 Package : libxml2 Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2899 Summary ======= The package libxml2 before version...