CBL Mariner 2.0 Security Update: libxml2 (CVE-2025-24928)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-24928 advisory. - libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in...

Ubuntu: Security Advisory (USN-7302-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-56171 affecting package libxml2 for versions less than 2.10.4-6

CVE-2024-56171 affecting package libxml2 for versions less than 2.10.4-6. A patched version of the package is available...

CVE-2025-27113 affecting package libxml2 for versions less than 2.10.4-6

CVE-2025-27113 affecting package libxml2 for versions less than 2.10.4-6. A patched version of the package is available...

CVE-2025-24928 affecting package libxml2 for versions less than 2.10.4-6

CVE-2025-24928 affecting package libxml2 for versions less than 2.10.4-6. A patched version of the package is available...

RLSA-2025:1517 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-862)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-862 advisory. xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. CVE-2022-49043 Tenable has extracted the preceding description block directly from the tested product security advisory...

RockyLinux 8 : libxml2 (RLSA-2025:1517)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:1517 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

Mageia: Security Advisory (MGASA-2025-0073)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7302-1: libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

USN-7302-1 libxml2 vulnerabilities

It was discovered that libxml2 incorrectly handled certain memory operations. A remote attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS...

MGASA-2025-0073 Updated libxml2 packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Use-after-free in xmlSchemaIDCFillNodeTables. CVE-2024-56171 Stack-buffer-overflow in xmlSnprintfElements. CVE-2025-24928 Null-deref in xmlPatMatch. CVE-2025-27113...

Updated libxml2 packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Use-after-free in xmlSchemaIDCFillNodeTables. CVE-2024-56171 Stack-buffer-overflow in xmlSnprintfElements. CVE-2025-24928 Null-deref in xmlPatMatch. CVE-2025-27113...

GHSA-VQPG-M25J-7558 vulnerabilities

Vulnerabilities for packages: libxml2...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : libxml2 vulnerabilities (USN-7302-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7302-1 advisory. It was discovered that libxml2 incorrectly handled certain memory operations. A remot...

openSUSE Security Advisory (SUSE-SU-2024:0461-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:0555-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NULL Pointer Dereference

libxml2 is vulnerable to a NULL Pointer Dereference. The vulnerability is due to improper handling of pattern matching due to a flaw in xmlPatMatch in pattern.c, which can lead to a crash when processing certain XML data...

Advisory ROSA-SA-2025-2710

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 packageevrstring: libxml2-2.9.7-18.0.1 CVE-ID: CVE-2021-3518 BDU-ID: 2021-05283 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the xinclude.c component of the Libxml2 library is related to memory usage after it has been freed. Exploitation of th...