Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands may be vulnerable to arbitrary code execution due to [CVE-2016-4658]

Summary The libxml2 library is not used directly by IBM App Connect Enterprise Certified Container but is included in the operating system packages in the operator and operand images. IBM App Connect Enterprise Certified Container operator and operand images may be vulnerable to arbitrary code...

EulerOS 2.0 SP10 : python-lxml (EulerOS-SA-2022-2663)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together wi...

Debian dla-3172 : libxml2 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3172 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3172-1 [email protected]...

GLSA-202210-39 : libxml2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-39 libxml2: Multiple Vulnerabilities - Please review the referenced CVE identifiers for details. CVE-2022-40303, CVE-2022-40304 Note that Nessus has not tested for these issues but has instead relied only on the application...

Debian: Security Advisory (DLA-3172-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3172-1] libxml2 security update

Debian LTS Advisory DLA-3172-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 30, 2022 https://wiki.debian.org/LTS Package : libxml2 Version : 2.9.4+dfsg1-7+deb10u5 CVE ID : CVE-2022-40303 CVE-2022-40304 Debian Bug : 1022224 1022225 It was discovered that...

DLA-3172-1 libxml2 - security update

Bulletin has no description...

Security Bulletin: IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities

Summary IBM Cloud Pak for Security is vulnerable to using components with known vulnerabilities. These components have been updated in the latest release and the vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest...

Vulnerabilities fixed in Tenable Nessus

Vulnerabilities have been fixed in Tenable Nessus. Nessus makes uses opensource products moment.js, expat, datatables, libxml2 and zlib. Tenable chose to upgrade these components to upgrade to address the potential impact of the issues. Tenable has issued updates to address the vulnerabilities. F...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-2622)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2022-2622)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can...

Fedora: Security Advisory for libxml2 (FEDORA-2022-aeafd24818)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:3717-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-doc / etc (SUSE-SU-2022:3717-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3717-1 advisory. - CVE-2016-3709: Fixed possible XSS vulnerability bsc1201978. - CVE-2022-40303: Fixed integer overflows with XMLPARSEHUGE bsc120436...

[SECURITY] Fedora 36 Update: xmlsec1-1.2.33-3.fc36

XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards "XML Digital Signature" and "XML Encryption"...

[SECURITY] Fedora 36 Update: libxml2-2.10.3-1.fc36

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

SUSE-SU-2022:3717-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability bsc1201978. - CVE-2022-40303: Fixed integer overflows with XMLPARSEHUGE bsc1204366. - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles bsc1204367...

SUSE: Security Advisory (SUSE-SU-2022:3692-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-devel-32bit / etc (SUSE-SU-2022:3692-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3692-1 advisory. - CVE-2022-40303: Fixed integer overflows with XMLPARSEHUGE bsc1204366. - CVE-2022-40304: Fixed...

SUSE-SU-2022:3692-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2022-40303: Fixed integer overflows with XMLPARSEHUGE bsc1204366. - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles bsc1204367...