Medium: libxml2

Issue Overview: Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. CVE-2023-39615 Affected Packages: libxml2 Issu...

Medium: libxml2

Issue Overview: Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. CVE-2023-39615 Affected Packages: libxml2 Note...

Amazon Linux 2 : libxml2 (ALAS-2023-2249)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2249 advisory. Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2023-343)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-343 advisory. Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS v...

SUSE: Security Advisory (SUSE-SU-2023:3665-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-doc / etc (SUSE-SU-2023:3665-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3665-1 advisory. - CVE-2023-29469: Fixed not deterministic hashing of empty dict strings bsc1210412. - CVE-2023-28484: Fixed NULL dereference in...

SUSE SLED15: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-devel-32bit / etc (SUSE-SU-2023:3666-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3666-1 advisory. - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768. Tenable has extracted th...

SUSE-SU-2023:3666-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768...

SUSE-SU-2023:3665-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2023-29469: Fixed not deterministic hashing of empty dict strings bsc1210412. - CVE-2023-28484: Fixed NULL dereference in xmlSchemaFixupComplexType bsc1210411. - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow bsc1214768...

Important Photon OS Security Update - PHSA-2023-4.0-0469

Updates of 'libxml2', 'mozjs', 'libvirt', 'redis', 'linux' packages of Photon OS have been released...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2731)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2762)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate Photon OS Security Update - PHSA-2023-5.0-0092

Updates of 'libxml2' packages of Photon OS have been released...

Oracle Linux 7 : libxml2 (ELSA-2020-1190)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1190 advisory. - Fix CVE-2015-8035 1595697 - Fix CVE-2018-14404 1602817 - Fix CVE-2017-15412 1729857 - Fix CVE-2016-5131 1714050 - Fix CVE-2017-18258 1579211 Tenable...

Oracle Linux 7 : libxml2 (ELSA-2020-3996)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3996 advisory. - Fix CVE-2019-19956 1793000 - Fix CVE-2019-20388 1810057 - Fix CVE-2020-7595 1810073 Tenable has extracted the preceding description block directly fr...

Oracle Linux 8 : libxml2 (ELSA-2020-1827)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1827 advisory. - Fix CVE-2018-14404 1595989 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus h...

Oracle Linux 6 : libxml2 (ELSA-2011-1749)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2011-1749 advisory. - Fixes another XPath problem CVE-2011-2834 - Fix a potential crasher in XPath or XSLT, CVE-2011-1944 Tenable has extracted the preceding description...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2696)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2654)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-39615

Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service DoS via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support...