Slackware Linux 15.0 / current libxml2 Multiple Vulnerabilities (SSA:2026-070-02)

The version of libxml2 installed on the remote host is prior to 2.11.9 / 2.15.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-070-02 advisory. New libxml2 packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted t...

CVE-2025-8732 affecting package libxml2 for versions less than 2.11.5-9

CVE-2025-8732 affecting package libxml2 for versions less than 2.11.5-9. A patched version of the package is available...

CVE-2026-0990 affecting package libxml2 for versions less than 2.11.5-9

CVE-2026-0990 affecting package libxml2 for versions less than 2.11.5-9. A patched version of the package is available...

CVE-2026-0992 affecting package libxml2 for versions less than 2.11.5-9

CVE-2026-0992 affecting package libxml2 for versions less than 2.11.5-9. A patched version of the package is available...

ROS-20260310-73-0029

Vulnerability in libxml2 related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2026-1288)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2026-1252)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2026-1288)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2026-1252)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain...

ROS-20260310-73-0028

Vulnerability in libxml2 related to uncontrolled recursion. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-8732 affecting package libxml2 for versions less than 2.10.4-11

CVE-2025-8732 affecting package libxml2 for versions less than 2.10.4-11. A patched version of the package is available...

SUSE SLES16 Security Update : libxml2, libxslt (SUSE-SU-2026:20631-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20631-1 advisory. Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in...

SUSE-SU-2026:20657-1 Security update for libxslt, libxml2

This update for libxslt, libxml2 fixes the following issues: libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI bsc1256807, bsc1256811 - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to...

openSUSE 16 Security Update : libxml2, libxslt (openSUSE-SU-2026:20312-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20312-1 advisory. Changes in libxml2: - CVE-2026-0990: call stack overflow may lead to application crash due to infinite recursion in xmlCatalogXMLResolveURI...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libxslt (SUSE-SU-2026:0801-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0801-1 advisory. - CVE-2025-10911: use-after-free will be fixed on libxml2 side instead bsc1250553. Tenable has extracted...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1446)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1446 advisory. A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user...

Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3178 (ALAS-2026-3178)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3178 advisory. A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user...

Low: libxml2

Issue Overview: A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution...

SUSE SLES12 Security Update : libxml2 (SUSE-SU-2026:0782-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0782-1 advisory. - CVE-2026-0990: Fixed a call stack overflow leading to application crash due to infinite recursion in xmlCatalogXMLResolveURI. bsc1256807,...

Low: libxml2

Issue Overview: A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command execution...