
6924 matches found

Tenable Nessus
added 2025/07/09 12:0 a.m. · 3 views

RHEL 10 : libxml2 (RHSA-2025:10630)

The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10630 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

CVSS 9.1 · AI score 6.8 · EPSS 0.01437
Exploits 1 · References 10
OSV
added 2025/07/09 12:0 a.m. · 4 views

ALSA-2025:10699 Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794); libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796); libxml2: Integer Overflow in...

CVSS 9.1 · AI score 8.4 · EPSS 0.01437
Exploits 1 · References 8
OSV
added 2025/07/09 12:0 a.m. · 4 views

ALSA-2025:10698 Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794); libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796); libxml2: Integer Overflow in...

CVSS 9.1 · AI score 8.4 · EPSS 0.01437
Exploits 1 · References 8
AlmaLinux
added 2025/07/09 12:0 a.m. · 6 views

Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794); libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796); libxml2: Integer Overflow in...

CVSS 9.1 · AI score 7.4 · EPSS 0.01437
Exploits 1 · References 8
Tenable Nessus
added 2025/07/09 12:0 a.m. · 9 views

RHEL 9 : libxml2 (RHSA-2025:10699)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10699 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after...

CVSS 9.1 · AI score 6.8 · EPSS 0.01437
Exploits 1 · References 8
Tenable Nessus
added 2025/07/09 12:0 a.m. · 3 views

Oracle Linux 9 : libxml2 (ELSA-2025-10699)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10699 advisory. - Fix CVE-2025-6021 RHEL-96507 - Fix CVE-2025-49794 RHEL-96405 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 9.1 · AI score 6.8 · EPSS 0.01437
Exploits 1 · References 4
Tenable Nessus
added 2025/07/09 12:0 a.m. · 6 views

Oracle Linux 10 : libxml2 (ELSA-2025-10630)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10630 advisory. - Fix CVE-2025-6021 RHEL-96495 - Fix CVE-2025-49794 RHEL-96395 - Fix CVE-2025-49795 RHEL-96408 Tenable has extracted the preceding description block...

CVSS 9.1 · AI score 6.8 · EPSS 0.01437
Exploits 1 · References 5
RedHat Linux
added 2025/07/08 9:17 p.m. · 10 views

libxml: Heap use after free (UAF) leads to Denial of service (DoS)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's...

CVSS 9.1 · AI score 7.1 · EPSS 0.00669
Exploits 0 · References 5
RedHat Linux
added 2025/07/08 9:17 p.m. · 4 views

Important: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 9.1 · AI score 6.9 · EPSS 0.01437
Exploits 1 · References 5
RedHat Linux
added 2025/07/08 9:17 p.m. · 3 views

libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input...

CVSS 7.5 · AI score 7.7 · EPSS 0.01067
Exploits 1 · References 5
RedHat Linux
added 2025/07/08 9:17 p.m. · 2 views

libxml: Null pointer dereference leads to Denial of service (DoS)

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service...

CVSS 7.5 · AI score 7.1 · EPSS 0.00475
Exploits 0 · References 5
OSV
added 2025/07/08 12:0 a.m. · 0 views

OPENSUSE-SU-2025:15321-1 libxml2-2-2.13.8-2.1 on GA media

These are all security issues fixed in the libxml2-2-2.13.8-2.1 package on the GA media of openSUSE Tumbleweed...

CVSS 9.1 · AI score 6.8 · EPSS 0.01437
Exploits 1 · References 5
OSV
added 2025/07/08 12:0 a.m. · 5 views

ALSA-2025:10630 Important: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794); libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795); libxml: Type confusion...

CVSS 9.1 · AI score 7.8 · EPSS 0.01437
Exploits 1 · References 10
Broadcom
added 2025/07/08 12:0 a.m. · 15 views

Multiple Rocky Linux updates applied to Brocade SANnav OVA 2.4.0a

Multiple Rocky Linux updates applied to Brocade SANnav base OS OVA deployment 2.4.0a RockyLinux 8: bind RLSA-2024:5524 BIND's database will be slow if a very large number of RRs exist at the same name CVE-2024-1737 SIG0 can be used to exhaust CPU resources CVE-2024-1975 RockyLinux 8: bind...

CVSS 9.8 · AI score 7.2 · EPSS 0.8833
Exploits 27
OSV
added 2025/07/07 11:52 a.m. · 3 views

CLSA-2025-1751889153 libxml2: Fix of CVE-2025-32414

CVE-2025-32414: fix out-of-bounds memory access in Python API...

CVSS 7.5 · AI score 6.5 · EPSS 0.00311
Exploits 1 · References 1
IBM Security Bulletins
added 2025/07/07 5:41 a.m. · 15 views

Security Bulletin: Vulnerabilities in libxml2 library (CVE-2024-56171, CVE-2025-24928) affect Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-56171 DESCRIPTION: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and...

CVSS 9.8 · AI score 8 · EPSS 0.0113
Exploits 0 · Affected Software 1
Positive Technologies
added 2025/07/07 12:0 a.m. · 3 views

PT-2025-29896 · Git +1 · Pidgin

Name of the Vulnerable Software and Affected Versions: libxml2 affected versions not specified Description: The software is susceptible to a heap-buffer-overflow write issue. The crash occurs within the xmlParseAttValueInternal function, triggered by a structural error during XML parsing,...

AI score 6.9
Exploits 0 · References 2
Tenable Nessus
added 2025/07/07 12:0 a.m. · 2 views

TencentOS Server 3: libxml2 (TSSA-2025:0490)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0490 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVSS 7.5 · AI score 6.8 · EPSS 0.00311
Exploits 1 · References 2
OSV
added 2025/07/04 2:42 p.m. · 2 views

OESA-2025-1716 libxml2 security update

This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTD support, which includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

CVSS 7.5 · AI score 7 · EPSS 0.01067
Exploits 1 · References 2
IBM Security Bulletins
added 2025/07/01 7:48 a.m. · 6 views

Security Bulletin: Previous version has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c, affect watsonx.data

Summary libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema...

CVSS 9.8 · AI score 7.6 · EPSS 0.0113
Exploits 0 · Affected Software 1