AIX : Multiple Vulnerabilities (IJ54779)

The version of AIX installed on the remote host is prior to APAR IJ54779. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54779 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

SUSE: Security Advisory (SUSE-SU-2025:1438-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AIX : Multiple Vulnerabilities (IJ54873)

The version of AIX installed on the remote host is prior to APAR IJ54873. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54873 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

AIX : Multiple Vulnerabilities (IJ54754)

The version of AIX installed on the remote host is prior to APAR IJ54754. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ54754 advisory. - A buffer overflow was discovered in libxml2 20904-GITv2.9.4-16-g0741801. The function xmlSnprintfElementContent in valid.c is...

FreeBSD : libxml2 -- Out-of-bounds memory access (2926c487-3e53-11f0-95d4-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2926c487-3e53-11f0-95d4-00a098b42aeb advisory. [email protected] reports: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access c...

FreeBSD : libxml2 -- Stack-based Buffer Overflow (fdd02be0-3e50-11f0-95d4-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fdd02be0-3e50-11f0-95d4-00a098b42aeb advisory. [email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflo...

FreeBSD : libxml2 -- Use After Free (bd2af307-3e50-11f0-95d4-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bd2af307-3e50-11f0-95d4-00a098b42aeb advisory. [email protected] reports: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in...

RHBA-2025:6597 Red Hat Bug Fix Advisory: libxml2 bug fix and enhancement update

Bulletin has no description...

Medium: libxml2

Issue Overview: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

Medium: libxml2

Issue Overview: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

Amazon Linux 2 : libxml2 (ALAS-2025-2860)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2860 advisory. In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings...

CVE-2025-32414 affecting package libxml2 for versions less than 2.11.5-5

CVE-2025-32414 affecting package libxml2 for versions less than 2.11.5-5. A patched version of the package is available...

CVE-2025-32415 affecting package libxml2 for versions less than 2.11.5-5

CVE-2025-32415 affecting package libxml2 for versions less than 2.11.5-5. A patched version of the package is available...

Security update for libxml2

This update for libxml2 fixes the following issues: CVE-2025-32414: Fixed out-of-bounds read when parsing text via the Python API bsc1241551. CVE-2025-32415: Fixed heap-based buffer under-read via crafted XML documents bsc1241453. Patch Instructions: To install this SUSE update use the SUSE...

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.

...

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

...

libxml2 -- multiple vulnerabilities

Alan Coopersmith reports: As discussed in https://gitlab.gnome.org/GNOME/libxml2/-/issues/913 the security policy of libxml2 has been changed to disclose vulnerabilities before fixes are available so that people other than the maintainer can contribute to fixing security issues in this library. A...

CLSA-2025-1748282366 libxml2: Fix of CVE-2025-32415

CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables...

Advisory ROSA-SA-2025-2868

Software: libxml2 2.9.1 OS: rosa-server79 packageevrstring: libxml2-2.9.1-6.0.1.res7.6 CVE-ID: CVE-2024-56171 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in libxml2: use-after-free in xmlschemas.c. CVE-STATUS: Vulnerability resolved. CVE-REV: To close the vulnerability, run the command:...

Fedora: Security Advisory (FEDORA-2025-65790c11eb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...