EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-1806)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrec...

Oracle Linux 8 : libxml2 (ELSA-2025-10698)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10698 advisory. - Fix CVE-2025-6021 RHEL-96498 - Fix CVE-2025-49794 RHEL-96398 - Fix CVE-2025-49796 RHEL-96424 Tenable has extracted the preceding description block...

EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2025-1783)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrec...

SUSE-SU-2025:02260-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. bsc1244554 - CVE-2025-49796: Fixed type confusion which could lead to denial of service. bsc1244557 - CVE-2025-49795: Fixed a null pointer dereference which cou...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

RHSA-2025:10630 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

libxml2 security update

2.9.13-10 - Fix CVE-2025-6021 RHEL-96507 - Fix CVE-2025-49794 RHEL-96405 - Fix CVE-2025-49796 RHEL-96431...

libxml2 security update

2.9.7-21.1 - Fix CVE-2025-6021 RHEL-96498 - Fix CVE-2025-49794 RHEL-96398 - Fix CVE-2025-49796 RHEL-96424 2.9.7-21 - Fix integer overflow RHEL-74345...

ALSA-2025:10698 Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after free UAF leads to Denial of service DoS CVE-2025-49794 libxml: Type confusion leads to Denial of service DoS CVE-2025-49796 libxml2: Integer Overflow in...

libxml2-2-2.13.8-2.1 on GA media (moderate)

libxml2-2-2.13.8-2.1 on GA media Announcement ID: openSUSE-SU-2025:15321-1 Rating: moderate Cross-References: CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170 CVSS scores: CVE-2025-49794 SUSE : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H CVE-2025-49795 SUSE : 7.5...

RHEL 10 : libxml2 (RHSA-2025:10630)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10630 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

RHEL 8 : libxml2 (RHSA-2025:10698)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10698 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

RHEL 9 : libxml2 (RHSA-2025:10699)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10699 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

Oracle Linux 9 : libxml2 (ELSA-2025-10699)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10699 advisory. - Fix CVE-2025-6021 RHEL-96507 - Fix CVE-2025-49794 RHEL-96405 Tenable has extracted the preceding description block directly from the Oracle Linux...