Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : libxml2 vulnerabilities (USN-7974-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7974-1 advisory. It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog...

USN-7974-1 libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled maliciously crafted SGML catalog files. An attacker could possibly use this issue to cause libxml2 to consume excessive resources, leading to a denial of service. CVE-2025-8732 It was discovered that libxml2 incorrectly handled recursive include...

K000159661: libxml2 vulnerabilities CVE-2025-32414 and CVE-2025-32415

Security Advisory Description CVE-2025-32414 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between...

[SECURITY] Fedora 42 Update: mingw-libxslt-1.1.43-4.fc42

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

[SECURITY] Fedora 43 Update: mingw-libxslt-1.1.43-4.fc43

This C library allows to transform XML files into other XML files or HTML, text, ... using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 =3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT engine...

Azul Zulu Java Multiple Vulnerabilities (2026-01-20)

The version of Azul Zulu installed on the remote host is 6 prior to 6.77.0.12 / 7 prior to 7.83.0.12 / 8 prior to 8.91.0.12 / 11 prior to 11.85.12 / 17 prior to 17.63.12 / 21 prior to 21.47.14 / 25 prior to 25.31.14. It is, therefore, affected by multiple vulnerabilities as referenced in the...

Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3122 (ALAS-2026-3122)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3122 advisory. A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function...

Low: libxml2

Issue Overview: A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has be...

CVE-2025-7425 affecting package libxml2 for versions less than 2.11.5-8

CVE-2025-7425 affecting package libxml2 for versions less than 2.11.5-8. A patched version of the package is available...

MiracleLinux 7 : libxml2-2.9.1-6.6.0.1.el7.AXS7 (AXSA:2021-2474:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2474:03 advisory. libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : libxml2-2.9.13-6.el9 (AXSA:2024-7767:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7767:02 advisory. libxml2: use-after-free in XMLReader CVE-2024-25062 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

MiracleLinux 8 : libxml2-2.9.7-7.el8 (AXSA:2020-301:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-301:02 advisory. libxml2: NULL pointer dereference in xmlXPathCompOpEval function in xpath.c CVE-2018-14404 libxml2: infinite loop in xzdecomp function in xzlib.c...

MiracleLinux 8 : libxml2-2.9.7-8.el8 (AXSA:2020-1001:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1001:04 advisory. libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c CVE-2019-19956 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c...

MiracleLinux 9 : libxml2-2.9.13-3.el9 (AXSA:2023-4863:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4863:02 advisory. libxml2: integer overflows with XMLPARSEHUGE CVE-2022-40303 libxml2: dict corruption caused by entity reference cycles CVE-2022-40304 Tenable has...

MiracleLinux 9 : libxml2-2.9.13-5.el9_3 (AXSA:2023-7045:07)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7045:07 advisory. libxml2: crafted xml can cause global buffer overflow CVE-2023-39615 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : libxml2-2.9.7-13.el8.1 (AXSA:2022-3668:04)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3668:04 advisory. libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write CVE-2022-29824 Tenable has extracted the preceding description block directly...

MiracleLinux 9 : libxml2-2.9.13-3.el9.1 (AXSA:2023-6287:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6287:04 advisory. libxml2: NULL dereference in xmlSchemaFixupComplexType CVE-2023-28484 libxml2: Hashing of empty dict strings isn't deterministic CVE-2023-29469...

MiracleLinux 8 : libxml2-2.9.7-18.el8_9 (AXSA:2024-7397:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7397:01 advisory. libxml2: crafted xml can cause global buffer overflow CVE-2023-39615 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : libxml2-2.9.7-9.el8 (AXSA:2021-1786:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1786:01 advisory. libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal in entities.c CVE-2020-24977 Tenable has extracted the preceding description block direct...

MiracleLinux 9 : libxml2-2.9.13-1.el9.1 (AXSA:2022-3979:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3979:05 advisory. libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write CVE-2022-29824 Tenable has extracted the preceding description block directly...