MGASA-2024-0211 Updated libxml2 packages fix security vulnerability

The updated packages fix a security vulnerability: An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. CVE-2024-34459...

K000139917: Libxml2 vulnerability CVE-2022-40303

Security Advisory Description An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading ...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8.10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

libxml2: use-after-free in XMLReader

A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

libxml2 security update

2.9.7-18.1 - Fix CVE-2024-25062 RHEL-31056...

Oracle Linux 8 : libxml2 (ELSA-2024-3626)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3626 advisory. 2.9.7-18.1 - Fix CVE-2024-25062 RHEL-31056 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

RHEL 9 : libxml2 (RHSA-2024:3625)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3625 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in...

openSUSE Security Advisory (SUSE-SU-2024:0461-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : libxml2 (RHSA-2024:3626)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3626 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in...

AlmaLinux 8 : libxml2 (ALSA-2024:3626)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3626 advisory. libxml2: use-after-free in XMLReader CVE-2024-25062 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in XMLReader CVE-2024-25062 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

ALSA-2024:3626 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in XMLReader CVE-2024-25062 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-1803)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

RHEL 8 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: NULL pointer dereference in xmlXPathCompOpEval function in xpath.c CVE-2018-14404 - libxml2...

RHEL 9 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libxml2: use-after-free in xmlUnlinkNode in tree.c CVE-2023-45322 Note that Nessus has not tested for this issue bu...

RHEL 6 : mingw32-libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libxml2: CPU consumption DoS when performing string substitutions during entities expansion CVE-2013-0338 Note that...

RHEL 6 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-1791)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1791)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...