CentOS 8 : libxml2 (CESA-2023:4529)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:4529 advisory. - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in...

Use After Free

libxml2 is vulnerable to Use After Free. The vulnerability is caused due to a lack of validation within the xmlTextReader module. When parsing a crafted XML document using the XML Reader interface with DTD validation and XInclude expansion enabled, a xmlValidatePopElement use-after-free exception...

SUSE CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

PT-2024-40841 · Git +1 · Libxml2

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A heap-use-after-free READ 8 crash has been reported. The crash involves the xmlRemoveID, xmlFreeProp, and xmlFreeNodeList functions. Recommendations: A...

GHSA-XC9X-JJ77-9P9J Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062

Summary Nokogiri upgrades its dependency libxml2 as follows: - Nokogiri v1.15.6 upgrades libxml2 to 2.11.7 from 2.11.6 - Nokogiri v1.16.2 upgrades libxml2 to 2.12.5 from 2.12.4 libxml2 v2.11.7 and v2.12.5 address the following vulnerability: - CVE-2024-25062 / https://vulners.com/cve/CVE-2024-250...

Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062

Summary Nokogiri upgrades its dependency libxml2 as follows: - Nokogiri v1.15.6 upgrades libxml2 to 2.11.7 from 2.11.6 - Nokogiri v1.16.2 upgrades libxml2 to 2.12.5 from 2.12.4 libxml2 v2.11.7 and v2.12.5 address the following vulnerability: - CVE-2024-25062 / https://vulners.com/cve/CVE-2024-250...

Slackware: Security Advisory (SSA:2024-035-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] libxml2

New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.7-i586-1slack15.0.txz: Upgraded. Fix the following security issue: xmlreader: Don't expand XIncludes when backtracking...

CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

DEBIAN-CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

ALPINE-CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

AZL-34290 CVE-2024-25062 affecting package libxml2 for versions less than 2.10.4-4

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

AZL-34961 CVE-2024-25062 affecting package libxml2 for versions less than 2.11.5-4

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

Design/Logic Flaw

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

UBUNTU-CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

libxml2 Security Vulnerabilities

libxml2 is an open source library used to parse XML documents . It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 prior to version 2.11.7 and version 2.12.x prior to version 2.12.5, which stems from the fact that when using the...

PT-2024-1711

Name of the Vulnerable Software and Affected Versions libxml2 versions 2.11.7 and earlier libxml2 versions 2.12.x through 2.12.4 Description A use-after-free flaw was found in the xmlValidatePopElement function of the libxml2 library when using the XML Reader interface with DTD validation and...