Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1744)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1767)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-C636-CG5R-2498 Symfony XML Entity Expansion security vulnerability

Symfony 2.0.11 carried a similar XXE security fix, however, on review of ZF2 I also noted a vulnerability to XML Entity Expansion XEE attacks whereby all extensions making use of libxml2 have no defense against XEE Quadratic Blowup Attacks. The vulnerability is a function of there being no curren...

SUSE-SU-2024:0556-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader bsc1219576...

SUSE-SU-2024:0461-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader bsc1219576...

SUSE-SU-2024:0461-2 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2024-25062: Fixed use-after-free in XMLReader bsc1219576...

EulerOS Virtualization 2.11.0 : libxml2 (EulerOS-SA-2024-1729)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation...

PT-2024-40236 · Libxml2 +1 · Libxml2 +1

Name of the Vulnerable Software and Affected Versions: Zend Framework 2 affected versions not specified Description: The issue concerns a vulnerability to XML Entity Expansion XEE attacks, specifically Quadratic Blowup Attacks, in software utilizing libxml2. This vulnerability allows for Denial O...

EulerOS Virtualization 2.11.1 : libxml2 (EulerOS-SA-2024-1718)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation...

Fedora: Security Advisory (FEDORA-2024-4862425658)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-9ffc6cc7bf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: mingw-libxml2-2.12.7-1.fc39

MinGW Windows libxml2 XML processing library...

[SECURITY] Fedora 40 Update: mingw-libxml2-2.12.7-1.fc40

MinGW Windows libxml2 XML processing library...

Fedora 40 : mingw-libxml2 (2024-9ffc6cc7bf)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9ffc6cc7bf advisory. Update to 2.12.7 RHBZ2280535, CVE-2024-34459 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

Fedora 39 : mingw-libxml2 (2024-4862425658)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-4862425658 advisory. Update to 2.12.7 RHBZ2280535, CVE-2024-34459 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...

OESA-2024-1641 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 8.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

libxml2: use-after-free in XMLReader

A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

Fedora 40 : libxml2 (2024-08e01e9f2f)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-08e01e9f2f advisory. Update to 2.12.7 Fix CVE-2024-34459. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...

RHEL 8 : libxml2 (RHSA-2024:3303)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3303 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in...