Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-6021)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6021 advisory. - A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations ca...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-49794)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49794 advisory. - A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under...

CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-49794)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49794 advisory. - A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under...

Important: libxml2

Issue Overview: libxml: Heap use after free UAF leads to Denial of service DoS CVE-2025-49794 libxml: Type confusion leads to Denial of service DoS CVE-2025-49796 Affected Packages: libxml2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-49796)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49796 advisory. - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can...

RockyLinux 8 : libxml2 (RLSA-2025:10698)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:10698 advisory. libxml: Heap use after free UAF leads to Denial of service DoS CVE-2025-49794 libxml: Type confusion leads to Denial of service DoS CVE-2025-49796...

RHEL 8 : libxml2 (RHSA-2025:12241)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12241 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

RockyLinux 9 : libxml2 (RLSA-2025:2679)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:2679 advisory. libxml2: Use-After-Free in libxml2 CVE-2024-56171 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2 CVE-2025-24928 Tenable has...

RHEL 7 : libxml2 (RHSA-2025:12240)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12240 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-6021)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6021 advisory. - A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations ca...

RHEL 8 : libxml2 (RHSA-2025:12237)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12237 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-6170)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6170 advisory. - A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When...

CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-49796)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-49796 advisory. - A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can...

RHEL 8 : libxml2 (RHSA-2025:12239)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:12239 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds...

Azure Linux 3.0 Security Update: libxml2 (CVE-2025-6170)

The version of libxml2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-6170 advisory. - A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...