Lucene search

6926 matches found

Tenable Nessus
added 2024/05/14 12:0 a.m., 32 views

F5 Networks BIG-IP : libxml2 vulnerability (K000139594)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.2.2 / 17.5.0. It is, therefore, affected by a vulnerability as referenced in the K000139594 advisory. An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table...

7.8 CVSS, 6.7 AI score, 0.06782 EPSS
Exploits: 0, References: 2

OpenVAS
added 2024/05/14 12:0 a.m., 20 views

Slackware: Security Advisory (SSA:2024-134-01)

The remote host is missing an update for the ...

7.5 CVSS, 7.5 AI score, 0.02298 EPSS
Exploits: 1, References: 3

CNNVD
added 2024/05/14 12:0 a.m., 1 view

libxml2 security vulnerability

libxml2 is an open source library for parsing XML documents. It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 versions prior to 2.11.8, 2.12.x through 2.12.7, which stems from the use of the xmllint --htmlout formatting error...

7.5 CVSS, 6.7 AI score, 0.02298 EPSS
Exploits: 1, References: 5

Tenable Nessus
added 2024/05/14 12:0 a.m., 37 views

Rocky Linux 9 : libxml2 (RLSA-2024:2679)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2679 advisory. - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion...

7.5 CVSS, 6.7 AI score, 0.01375 EPSS
Exploits: 3, References: 3

F5 Networks
added 2024/05/13 8:3 p.m., 26 views

K000139592: libxml2 vulnerability CVE-2023-29469

Security Advisory Description An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs...

6.5 CVSS, 8.1 AI score, 0.01013 EPSS
Exploits: 0, Affected Software: 10

Slackware Linux
added 2024/05/13 6:25 p.m., 31 views

[slackware-security] libxml2

New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.8-i586-1slack15.0.txz: Upgraded. Fix buffer overread with "xmllint --htmlout". xmllint: Fix --pedantic option. save:...

7.5 CVSS, 7.6 AI score, 0.02298 EPSS
Exploits: 1

Github Security Blog
added 2024/05/13 4:5 p.m., 60 views

Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459

Summary Nokogiri v1.16.5 upgrades its dependency libxml2 to 2.12.7 from 2.12.6. libxml2 v2.12.7 addresses CVE-2024-34459: - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 - patched by https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac53 Impact There is no impact to Nokogiri...

7.5 CVSS, 6.9 AI score, 0.02298 EPSS
Exploits: 1, References: 6, Affected Software: 1

OSV
added 2024/05/13 4:5 p.m., 37 views

GHSA-R95H-9X8F-R3F7 Nokogiri updates packaged libxml2 to v2.12.7 to resolve CVE-2024-34459

Summary Nokogiri v1.16.5 upgrades its dependency libxml2 to 2.12.7 from 2.12.6. libxml2 v2.12.7 addresses CVE-2024-34459: - described at https://gitlab.gnome.org/GNOME/libxml2/-/issues/720 - patched by https://gitlab.gnome.org/GNOME/libxml2/-/commit/2876ac53 Impact There is no impact to Nokogiri...

6.3 AI score
Exploits: 0, References: 6

AlpineLinux
added 2024/05/13 12:0 a.m., 29 views

CVE-2024-34459

An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c...

7.5 CVSS, 6.5 AI score, 0.02298 EPSS
Exploits: 1

Tenable Nessus
added 2024/05/13 12:0 a.m., 27 views

Slackware Linux 15.0 / current libxml2 Vulnerability (SSA:2024-134-01)

The version of libxml2 installed on the remote host is prior to 2.11.8 / 2.12.7. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-134-01 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version numbe...

7.5 CVSS, 6.7 AI score, 0.02298 EPSS
Exploits: 1, References: 2

Debian CVE
added 2024/05/13 12:0 a.m., 55 views

CVE-2024-34459

An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c...

7.5 CVSS, 6.9 AI score, 0.02298 EPSS
Exploits: 1

CVE
added 2024/05/13 12:0 a.m., 1137 views

CVE-2024-34459

The CVE-2024-34459 issue affects libxml2’s xmllint when using --htmlout, where a formatting error in error messages can trigger a buffer over-read in xmlHTMLPrintFileContext. The vulnerability concerns xmllint and the libxml2 parser before versions 2.11.8 and 2.12.x before 2.12.7. A PoC exists pe...

7.5 CVSS, 6.5 AI score, 0.02298 EPSS
Exploits: 1, References: 10, Affected Software: 1

Cvelist
added 2024/05/13 12:0 a.m., 27 views

CVE-2024-34459

An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c...

6.8 AI score, 0.02298 EPSS
Exploits: 1, References: 6

Tenable Nessus
added 2024/05/11 12:0 a.m., 27 views

RHEL 8 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: NULL pointer dereference in xmlXPathCompOpEval function in xpath.c CVE-2018-14404 - libxml2 2.9....

6.8 AI score, 0.043 EPSS
Exploits: 2, References: 2

Tenable Nessus
added 2024/05/11 12:0 a.m., 18 views

RHEL 5 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

9.7 AI score, 0.1398 EPSS
Exploits: 19, References: 32

Tenable Nessus
added 2024/05/11 12:0 a.m., 17 views

RHEL 7 : chromium-browser (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - chromium-browser: pointer disclosure in sqlite CVE-2017-7000 - numbers.c in libxslt before 1.1.29, as use...

8.9 AI score, 0.02979 EPSS
Exploits: 0, References: 6

Tenable Nessus
added 2024/05/11 12:0 a.m., 27 views

RHEL 7 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Missing validation for external entities in xmlParsePEReference CVE-2017-7375 - libxml2:...

9.5 AI score, 0.22791 EPSS
Exploits: 19, References: 24

Tenable Nessus
added 2024/05/11 12:0 a.m., 21 views

RHEL 6 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

9.9 AI score, 0.22791 EPSS
Exploits: 24, References: 34

OSV
added 2024/05/10 2:32 p.m., 29 views

RLSA-2024:2679 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: use-after-free in XMLReader CVE-2024-25062 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

7.5 CVSS, 7.9 AI score, 0.01375 EPSS
Exploits: 3, References: 2

Rockylinux
added 2024/05/10 2:32 p.m., 58 views

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

7.5 CVSS, 7.3 AI score, 0.01375 EPSS
Exploits: 3