6743 matches found
PT-2026-38043
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...
PT-2026-38036
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c...
PT-2026-38044
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...
CLSA-2026-1778006676 libxml2: Fix of CVE-2025-6170
CVE-2025-6170: fix potential buffer overflows in xmllint interactive shell...
Astra Linux - уязвимость в libxml2
Uncontrolled recursion occurs during XPath evaluation in libxml2, including in versions up to and including 2.9.14. This allows a local attacker to cause a stack overflow through crafted expressions. The XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr reset t...
Astra Linux - уязвимость в libxml2
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047...
Astra Linux - уязвимость в libxml2
There is a flaw in libxml2 in versions before 2.9.11. An attacker who can submit a crafted file for processing by an application that uses libxml2 can trigger a use-after-free vulnerability. The most significant impact of this flaw is related to confidentiality, integrity, and availability...
Astra Linux - уязвимость в libxml2
Possible cross-site scripting vulnerability in libxml after commit 960f0e2...
Astra Linux - уязвимость в libxml2
In versions of libxml2 before 2.12.10 and 2.13.x before 2.13.6, there is a use-after-free issue in the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions in the xmlschemas.c file. To exploit this vulnerability, a crafted XML document must be validated against an XML schema with...
Astra Linux - уязвимость в libxml2
A flaw was identified in the RelaxNG parser of libxml2 regarding how external schema inclusions are handled. The parser does not enforce a limit on the inclusion depth when resolving nested directives. Specifically crafted or overly complex schemas can cause excessive recursion during parsing. Th...
Astra Linux - уязвимость в libxml2
There is a flaw in the XML entity encoding functionality of libxml2 in versions prior to 2.9.11. An attacker who can provide a crafted file for processing by an application that utilizes the affected functionality of libxml2 may trigger an out-of-bounds read. The most likely impact of this flaw i...
Astra Linux - уязвимость в libxml2
The vulnerability of the xmlParseAttValueComplex function in the parser.c component of the Libxml2 library is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в libxml2
The vulnerability of the xmlMemStrdup function in the Libxml2 library is related to pointer manipulation errors. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в libxml2
There is a flaw in libxml2’s xmllint in versions before 2.9.11. An attacker who can submit a crafted file for processing by xmllint could trigger a use-after-free. The most significant impact of this flaw is on confidentiality, integrity, and availability...
Astra Linux - уязвимость в libxml2
A vulnerability was discovered in libxml2 in versions prior to 2.9.11. This vulnerability allows errors to go unnoticed during the parsing of XML mixed content, resulting in a NULL dereference. If an untrusted XML document is parsed in recovery mode and after post-validation, this flaw could be...
Astra Linux - уязвимость в libxml2
A flaw was discovered in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function, where an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by...
Astra Linux - уязвимость в libxml2
The vulnerability of the Libxml2 library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause a service failure...
Astra Linux - уязвимость в libxml2
The vulnerability of the xmlBuildRelativeURI function in the uri.c component of the Libxml2 library is related to reading data beyond the allowable buffer size. Exploiting this vulnerability allows an attacker to cause service failures remotely...
Astra Linux - уязвимость в libxml2
A flaw was discovered in the libxml2 library. This vulnerability arises from uncontrolled resource consumption when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this vulnerability by providing malicious catalogs,...
Astra Linux - уязвимость в libxml2
The vulnerability of the xmlFAParseCharClassEsc function in the xmlregexp.c component of the Libxml2 library is related to pointer dereferencing errors. Exploiting this vulnerability allows an attacker to cause a service failure...