CVE-2025-24928

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...

RHSA-2025:1517 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

RHSA-2025:1516 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

libxml: use-after-free in xmlXIncludeAddNode

A flaw was found in libxml2 where improper handling of memory allocation failures in libxml2 can lead to crashes, memory leaks, or inconsistent states. While an attacker cannot directly control allocation failures, they may trigger denial-of-service conditions under extreme system stress...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 8 : libxml2 (RHSA-2025:1517)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1517 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in...

Oracle Linux 8 : libxml2 (ELSA-2025-1517)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1517 advisory. - Fix CVE-2022-49043 RHEL-76289 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

AlmaLinux 8 : libxml2 (ALSA-2025:1517)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1517 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. No...

RHEL 9 : libxml2 (RHSA-2025:1516)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1516 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in...

libxml2 security update

2.9.7-18.2 - Fix CVE-2022-49043 RHEL-76289 2.9.7-18.1 - Fix CVE-2024-25062 RHEL-31056...

ALSA-2025:1517 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

OESA-2025-1104 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

AlmaLinux 9 : libxml2 (ALSA-2025:1350)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:1350 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. No...

Oracle Linux 9 : libxml2 (ELSA-2025-1350)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1350 advisory. 2.9.13-6.1 - Fix CVE-2022-49043 RHEL-76298 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

RHSA-2025:1350 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

libxml2 security update

2.9.13-6.1 - Fix CVE-2022-49043 RHEL-76298...

PT-2025-7245

Name of the Vulnerable Software and Affected Versions libxml2 versions 2.12.10 and earlier, 2.13.x versions prior to 2.13.6 Description The issue is related to a NULL pointer dereference in xmlPatMatch in pattern.c. This is a general information about the problem, and no specific details about...

libxml: use-after-free in xmlXIncludeAddNode

A flaw was found in libxml2 where improper handling of memory allocation failures in libxml2 can lead to crashes, memory leaks, or inconsistent states. While an attacker cannot directly control allocation failures, they may trigger denial-of-service conditions under extreme system stress...