ALSA-2023:7747 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: crafted xml can cause global buffer overflow CVE-2023-39615 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-3278)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-3311)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-3250)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 9 : libxml2 (RHSA-2023:7747)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:7747 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: crafted xml can cause...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-3343)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2023-343-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] libxml2

New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.12.2-i586-1slack15.0.txz: Upgraded. Add --sysconfdir=/etc option so that this can find the xml catalog...

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current libxml2 Multiple Vulnerabilities (SSA:2023-343-01)

The version of libxml2 installed on the remote host is prior to 2.12.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-343-01 advisory. - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser...

Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in Libxml2

Summary The following vulnerabilites in Libxml2 have been addressed by IBM Flex System switch firmware products. Vulnerability Details CVEID: CVE-2021-3517 DESCRIPTION: GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal in...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Libxml2

Summary The following vulnerabilites in Libxml2 have been addressed by IBM RackSwitch firmware products. Vulnerability Details CVEID: CVE-2021-3517 DESCRIPTION: GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal in...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in Libxml2

Summary The following vulnerabilities in Libxml2 have been addressed by IBM Flex System Chassis Management Module CMM. Vulnerability Details CVEID: CVE-2020-7595 DESCRIPTION: The Gnome Project Libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in...

Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in Libxml2

Summary IBM RackSwitch firmware products have addressed the following vulnerabilities in Libxml2. Vulnerability Details CVEID: CVE-2020-24977 DESCRIPTION: GNOME libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the xmlEncodeEntitiesInternal function in...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in glib2, libxml2 and ntp

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in glib2, libxml2 and ntp. Vulnerability Details CVEID: CVE-2018-16429 DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by an out-of-bounds read in gmarkupparsecontextparse in...

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in libxml2 (CVE-2018-14404)

Summary IBM Integrated Management Module II IMM2 has addressed the following vulnerability in libxml2. Vulnerability Details CVEID: CVE-2018-14404 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xpath.c:xmlXPathCompOpEval function. By...

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerabilities in libxml/libxml2

Summary IBM Integrated Management Module II IMM2 has addressed the following vulnerabilities in libxml/libxml2. Vulnerability Details CVEID: CVE-2017-5130 DESCRIPTION: Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victi...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in libxml2 (CVE-2017-5130 CVE-2017-15412 CVE-2016-5131)

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in libxml2. Vulnerability Details CVEID: CVE-2017-5130 DESCRIPTION: Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victim ...

Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in libxml2

Summary Vulnerabilities in libxml2 have been addressed by IBM Flex System switch firmware products listed below. Vulnerability Details CVEID: CVE-2017-5130 DESCRIPTION: Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a vict...

Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 SP2 security update

Red Hat JBoss Core Services Apache HTTP Server 2.4.57 Service Pack 2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Memory Leak

libxml2.so is vulnerable to Memory Leak. The vulnerability is due to use-after-free in the xmlUnlinkNode function in tree.c. An attacker could submit a crafted XML document, which would result in Denial of Service...