libxml2: Out-of-Bounds Read in libxml2

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1995)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1961)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : libxml2 (RHSA-2025:13688)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13688 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-bounds Read in...

RHEL 9 : libxml2 (RHSA-2025:13684)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13684 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

RHEL 9 : libxml2 (RHSA-2025:13677)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13677 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

RHEL 9 : libxml2 (RHSA-2025:13683)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:13683 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

RHEL 8 : libxml2 (RHSA-2025:13689)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13689 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-bounds Read in...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1935)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1981)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K000152952: libxml2 vulnerability CVE-2025-6021

Security Advisory Description A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Impact...

Linux Distros Unpatched Vulnerability : CVE-2024-40896

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers t...

CVE-2025-8732

A flaw was found in libxml2. The xmlParseSGMLCatalog function within the xmlcatalog component exhibits uncontrolled recursion when processing a specially crafted catalog file. A local attacker can trigger this recursive behavior, which can lead to an application level denial of service. Mitigatio...

Linux Distros Unpatched Vulnerability : CVE-2025-32415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read. To exploit this, a crafted XM...

Linux Distros Unpatched Vulnerability : CVE-2025-6021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue...

K000152932: libxml2 vulnerability CVE-2024-56171

Security Advisory Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or ...

K000152930: libxml2 vulnerability CVE-2025-24928

Security Advisory Description libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047. CVE-2025-24928 Impact...

AZL-66204 CVE-2025-8732 affecting package libxml2 for versions less than 2.10.4-11

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

CVE-2025-8732

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

DEBIAN-CVE-2025-8732

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...