EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2023-2544)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

Moderate: Red Hat Security Advisory: libxml2 security update

An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

libxml2: Hashing of empty dict strings isn't deterministic

A flaw was found in libxml2. This issue occurs when hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results, which may lead to various logic or memory errors, including double free errors...

libxml2: NULL dereference in xmlSchemaFixupComplexType

A NULL pointer dereference vulnerability was found in libxml2. This issue occurs when parsing invalid XML schemas...

RHEL 9 : libxml2 (RHSA-2023:4349)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4349 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: NULL dereferenc...

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: NULL dereference in xmlSchemaFixupComplexType CVE-2023-28484 libxml2: Hashing of empty dict strings isn't deterministic CVE-2023-29469 For more details about the security...

ALSA-2023:4349 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: NULL dereference in xmlSchemaFixupComplexType CVE-2023-28484 libxml2: Hashing of empty dict strings isn't deterministic CVE-2023-29469 For more details about the security...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2527)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2504)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2023-2514)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NULL pointer dereference in libxml2 through 2.9.8

when parsing an invalid XPath expression in the XPATHOPAND or XPATHOPOR case. Applications processing...

EulerOS Virtualization 2.9.0 : libxml2 (EulerOS-SA-2023-2527)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2023-2514)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2023-2504)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a...

Security Bulletin: GNOME libxml2 vulnerability affects IBM Safer Payments (CVE-2023-29469)

Summary Libxml2 is used by IBM Safer Payments as part of PMML models, external queries, and docx file templates for Outgoing Channel Configurations. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-29469 DESCRIPTION: GNOME libxml2 is vulnerable to a denial of service,...

EulerOS Virtualization 3.0.6.6 : libxml2 (EulerOS-SA-2023-2412)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option...

AIX : Multiple Vulnerabilities (IJ47597)

The version of AIX installed on the remote host is prior to APAR IJ47597. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ47597 advisory. - An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document,...

EulerOS Virtualization 3.0.6.6 : colord (EulerOS-SA-2023-2407)

According to the versions of the colord packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and...

EulerOS Virtualization 3.0.6.6 : python-lxml (EulerOS-SA-2023-2401)

According to the versions of the python-lxml package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is...

AIX : Multiple Vulnerabilities (IJ47629)

The version of AIX installed on the remote host is prior to APAR IJ47629. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ47629 advisory. - An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document,...