ALSA-2025:8958 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds Read in libxml2 CVE-2025-32414 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

libxml2 security update

2.9.7-20 - Fix CVE-2025-32414 RHEL-88198...

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read due to improper namespace processing of sch:name elements in xmlSchematronFormatReport function. An attacker can cause a denial of service or potentially execute arbitrary code by providing specially crafted XML input...

RHEL 8 : libxml2 (RHSA-2025:8958)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:8958 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds Read in...

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2025-1637)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1598)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1620)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1597)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1637)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP13 : libxml2 (EulerOS-SA-2025-1620)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-1597)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2025-1598)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2 before 2.12.10...

Malicious code in libxml2-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4180cf36e11e0565c87f4377f677fff16f320850f8f544b98c24eecd3cd96c7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4846 Malicious code in libxml2-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4180cf36e11e0565c87f4377f677fff16f320850f8f544b98c24eecd3cd96c7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

The vulnerability of the xmlSchemaIDCFillNodeTables() function in the xmlschemas.c file of the libxml2 library allows a attacker to trigger a service failure.

The vulnerability of the xmlSchemaIDCFillNodeTables function in the xmlschemas.c file of the libxml2 library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure using a specially created XML file...

NewStart CGSL MAIN 7.02 : libxml2 Vulnerability (NS-SA-2025-0072)

The remote NewStart CGSL host, running version MAIN 7.02, has libxml2 packages installed that are affected by a vulnerability: - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. CVE-2025-27113 Note that Nessus has not tested for these...

Vulnerability of the functions xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables (in the libxml2 library), which allows a hacker to execute arbitrary code.

The vulnerability of the xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables functions in the Libxml2 library is related to the possibility of using memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially created XML...

Security Bulletin: Multiple vulnerabilities in libxml2 affect AIX/VIOS

Summary Vulnerabilities in libxml2 could allow a use-after-free CVE-2024-56171, a NULL pointer dereference CVE-2025-27113, a buffer overflow CVE-2025-24928, or a heap-based buffer under-read CVE-2025-32415. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details...

Multiple vulnerabilities in libxml2 affect AIX

IBM SECURITY ADVISORY First Issued: Wed Jun 4 08:36:14 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/libxml2advisory8.asc Security Bulletin: Multiple vulnerabilities in libxml2 affect AIX...

AIX : Multiple Vulnerabilities (IJ54754)

The version of AIX installed on the remote host is prior to APAR IJ54754. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54754 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...