Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-896)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-896 advisory. libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must...

macOS 14.x < 14.7.5 Multiple Vulnerabilities (122374)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.7.5. It is, therefore, affected by multiple vulnerabilities: - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6, macOS Sequoia 15.3...

macOS 15.x < 15.4 Multiple Vulnerabilities (122373)

The remote host is running a version of macOS / Mac OS X that is 15.x prior to 15.4. It is, therefore, affected by multiple vulnerabilities: - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To...

Fedora 40 : libxml2 (2025-adbb0031f7)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-adbb0031f7 advisory. Update to 2.12.10 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-1.fc42

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

Amazon Linux 2 : libxml2 (ALAS-2025-2794)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2794 advisory. libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.48 security update

Red Hat OpenShift Container Platform release 4.15.48 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

Important: libxml2

Issue Overview: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML...

CLSA-2025-1742914538 libxml2: Fix of CVE-2022-49043

CVE-2022-49043: fix use-after-free vulnerability in xmlXIncludeAddNode...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.6 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.6 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

Important: libxml2

Issue Overview: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML...

Important: libxml2

Issue Overview: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML...

The vulnerability of the xmlPatMatch() function in the pattern.c file of the libxml2 library, related to the assignment of a null pointer, allows a hacker to trigger a denial-of-service attack.

The vulnerability of the xmlPatMatch function in the pattern.c file of the libxml2 library is related to the use of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure from a remote location...

SUSE: Security Advisory (SUSE-SU-2025:0976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:0976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2025:0976-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0976-1 advisory. - CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c...

CLSA-2025-1742578098 libxml2: Fix of CVE-2022-49043

CVE-2022-49043: fix use-after-free vulnerability in xmlXIncludeAddNode...

CLSA-2025-1742577756 libxml2: Fix of CVE-2022-49043

CVE-2022-49043: fix use-after-free vulnerability in xmlXIncludeAddNode...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: Fixed...

SUSE-SU-2025:0976-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2024-56171: Fixed use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. - CVE-2025-24928: Fixed stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. - CVE-2025-27113:...