6927 matches found
Rocky Linux 9 : libxml2 (RLSA-2023:0338)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0338 advisory. - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several...
Rocky Linux 9 : python-lxml (RLSA-2022:8226)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8226 advisory. - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together with libxml2 2.9.10...
Rocky Linux 8 : libxml2 (RLSA-2021:1597)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:1597 advisory. - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commi...
Rocky Linux 8 : libxml2 (RLSA-2023:0173)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0173 advisory. - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several...
Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2023-411)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-411 advisory. libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues...
Important: libxml2
Issue Overview: libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can...
Important: libxml2
Issue Overview: libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can...
Amazon Linux AMI : libxml2 (ALAS-2023-1874)
The version of libxml2 installed on the remote host is prior to 2.9.1-6.6.44. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1874 advisory. libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in...
Amazon Linux 2 : libxml2 (ALAS-2023-2321)
The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2321 advisory. libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNo...
Important: libxml2
Issue Overview: libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can...
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-29824)
Summary UPDATED Dec 12 2022 Added iFixes for AIX 7.2 TL5 SP5 and VIOS 3.1.4.10: A vulnerability in libxml2 could allow a remote attacker to cause a denial of service CVE-2022-29824. AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details CVEID:CVE-2022-29824 DESCRIPTION: GNOM...
Security Bulletin: A vulnerability in libxml2 affects Tivoli Netcool/OMNIbus (CVE-2022-2309)
Summary There is a vulnerability in the libxml2 library that ships as a component of Tivoli Netcool/OMNIbus. Vulnerability Details CVEID:CVE-2022-2309 DESCRIPTION: libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in function appendStartNsEvents. By sending a...
Mageia: Security Advisory (MGASA-2023-0298)
The remote host is missing an update for the...
MGASA-2023-0298 Updated libxml2 packages fix a security vulnerability
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. CVE-2023-45322...
Updated libxml2 packages fix a security vulnerability
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. CVE-2023-45322...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : libxml2 vulnerabilities (USN-3739-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3739-1 advisory. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose...
Important Photon OS Security Update - PHSA-2023-3.0-0671
Updates of 'libxml2', 'vim' packages of Photon OS have been released...
Oracle HTTP Server (October 2023 CPU)
The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware component: Web Listener. The supported version that is affected is...
Important Photon OS Security Update - PHSA-2023-4.0-0492
Updates of 'libxml2', 'vim' packages of Photon OS have been released...
The vulnerability of the xmlUnlinkNode function (tree.c) in the libxml2 library allows an attacker to cause a service failure.
The vulnerability of the xmlUnlinkNode function in the tree.c file of the libxml2 library is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...