Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-2800)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2022-1670523520 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670523403 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670522857 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

CLSA-2022-1670521677 libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...

libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write

A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write...

libxml2: dict corruption caused by entity reference cycles

A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted resulting in logic errors, including memory errors like double free...

EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2022-2800)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...

The Bug Report – November 2022 Edition

The Bug Report — November 2022 Edition By Trellix · December 07, 2022 This blog was written by Austin Emmitt Like granny always said, “never hack on an empty stomach.” Why am I here? This year I am thankful for some vivifying vulnerabilities and exceptional exploits! The world of enterprise...

The Bug Report – November 2022 Edition

The Bug Report — November 2022 Edition By Trellix · December 07, 2022 This blog was written by Austin Emmitt Like granny always said, “never hack on an empty stomach.” Why am I here? This year I am thankful for some vivifying vulnerabilities and exceptional exploits! The world of enterprise...

Ubuntu 16.04 ESM : libxml2 vulnerabilities (USN-5760-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5760-2 advisory. USN-5760-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : libxml2 vulnerabilities (USN-5760-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5760-1 advisory. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash...

CVE-2022-40304 affecting package libxml2 2.9.14-2

CVE-2022-40304 affecting package libxml2 2.9.14-2. A patched version of the package is available...

CVE-2022-40303 affecting package libxml2 2.9.14-2

CVE-2022-40303 affecting package libxml2 2.9.14-2. A patched version of the package is available...

Important Photon OS Security Update - PHSA-2022-0293

Updates of 'emacs', 'linux-aws', 'linux-rt', 'linux-secure', 'linux', 'libxml2' packages of Photon OS have been released...

Ubuntu: Security Advisory (USN-5760-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5760-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important Photon OS Security Update - PHSA-2022-3.0-0499

Updates of 'emacs', 'libxml2' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-4.0-0293

Updates of 'libxml2', 'linux-rt', 'linux-secure', 'emacs', 'linux', 'linux-aws' packages of Photon OS have been released...

USN-5760-2: libxml2 vulnerabilities

USN-5760-1 fixed vulnerabilities in libxml2. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive...