
6932 matches found

CBLMariner
added 2022/09/17 5:56 a.m., 11 views

CVE-2022-2309 affecting package libxml2 2.9.14-1

CVE-2022-2309 affecting package libxml2 2.9.14-1. A patched version of the package is available...

CVSS 7.5, AI score 9.1, EPSS 0.01972
Exploits: 1

CBLMariner
added 2022/09/16 6:5 a.m., 13 views

CVE-2022-2309 affecting package libxml2 for versions less than 2.10.0-1

CVE-2022-2309 affecting package libxml2 for versions less than 2.10.0-1. An upgraded version of the package is available that resolves this issue...

CVSS 7.5, AI score 7.8, EPSS 0.01972
Exploits: 1

Tenable Nessus
added 2022/09/14 12:0 a.m., 33 views

EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2022-2303)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together wi...

CVSS 7.5, AI score 6.3, EPSS 0.01972
Exploits: 1, References: 2

Tenable Nessus
added 2022/09/14 12:0 a.m., 21 views

EulerOS 2.0 SP9 : python-lxml (EulerOS-SA-2022-2332)

According to the versions of the python-lxml package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference allows attackers to cause a denial of service or application crash. This only applies when lxml is used together wi...

CVSS 7.5, AI score 6.3, EPSS 0.01972
Exploits: 1, References: 2

OpenVAS
added 2022/09/14 12:0 a.m., 20 views

Huawei EulerOS: Security Advisory for python-lxml (EulerOS-SA-2022-2332)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5, AI score 7.8, EPSS 0.01972
Exploits: 1, References: 2

IBM AIX
added 2022/09/12 3:7 p.m., 40 views

AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-29824)

IBM SECURITY ADVISORY First Issued: Mon Sep 12 15:07:01 CDT 2022 |Updated: Mon Dec 12 12:49:47 CST 2022 |Update: Added iFixes for AIX 7.2 TL5 SP5 and VIOS 3.1.4.10. The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/libxml2advisory3.asc...

CVSS 6.5, AI score 7, EPSS 0.0363
Exploits: 5

Photon
added 2022/09/08 12:0 a.m., 36 views

Important Photon OS Security Update - PHSA-2022-0514

Updates of 'libxml2' packages of Photon OS have been released...

CVSS 7.5, AI score 1.7, EPSS 0.01972
Exploits: 1

Tenable Nessus
added 2022/09/06 12:0 a.m., 42 views

Amazon Linux 2022 : libxml2, libxml2-devel, libxml2-static (ALAS2022-2022-068)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-068 advisory. valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the...

CVSS 7.5, AI score 7.4, EPSS 0.0601
Exploits: 5, References: 5

Microsoft CVE
added 2022/09/01 7:0 a.m., 4 views

There are two Information Disclosure vulnerabilities in colord and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'err_msg' of 'sqlite3_exec' is not releasing after use while libxml2 emphasizes that the caller needs to release it.

...

CVSS 7.5, AI score 7.5, EPSS 0.00791
Exploits: 1

Tenable Nessus
added 2022/09/01 12:0 a.m., 54 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.0.2.5)

The version of AOS installed on the remote host is prior to 6.0.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.0.2.5 advisory. - xpointer.c in libxml2 before 2.9.5 as used in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3,...

CVSS 10, AI score 7.7, EPSS 0.99999
Exploits: 78, References: 31

Tenable Nessus
added 2022/09/01 12:0 a.m., 72 views

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.1.1)

The version of AOS installed on the remote host is prior to 6.1.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.1.1 advisory. - JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j...

CVSS 10, AI score 8.8, EPSS 0.99999
Exploits: 576, References: 93

Veracode
added 2022/08/26 6:34 a.m., 30 views

Information Disclosure

libanjuta.so is vulnerable to information disclosure. The vulnerability exists in readbookmarks function in anjuta-bookmarks.c because the incorrect use of libxml2 API which allows an attacker to gain access to information in the file system...

CVSS 7.5, AI score 3.1, EPSS 0.00689
Exploits: 0, References: 5, Affected Software: 1

GitHub Security Blog
added 2022/08/26 12:3 a.m., 30 views

VTK NULL pointer dereference vulnerability

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...

CVSS 7.5, AI score 7.2, EPSS 0.01066
Exploits: 1, References: 6, Affected Software: 1

OSV
added 2022/08/26 12:3 a.m., 1 views

GHSA-XFHG-9PJG-XG7G VTK NULL pointer dereference vulnerability

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...

CVSS 8.7, AI score 5.9, EPSS 0.01066
Exploits: 1, References: 6

OpenVAS
added 2022/08/26 12:0 a.m., 24 views

Ubuntu: Security Advisory (USN-3513-2)

The remote host is missing an update for the...

CVSS 8.8, AI score 8.8, EPSS 0.02963
Exploits: 1, References: 2

OpenVAS
added 2022/08/26 12:0 a.m., 25 views

Ubuntu: Security Advisory (USN-3739-2)

The remote host is missing an update for the...

CVSS 7.5, AI score 7, EPSS 0.03681
Exploits: 1, References: 2

OpenVAS
added 2022/08/26 12:0 a.m., 43 views

Ubuntu: Security Advisory (USN-3424-2)

The remote host is missing an update for the...

CVSS 10, AI score 9, EPSS 0.23694
Exploits: 5, References: 2

OpenVAS
added 2022/08/26 12:0 a.m., 22 views

Ubuntu: Security Advisory (USN-3504-2)

The remote host is missing an update for the...

CVSS 7.5, AI score 8.2, EPSS 0.05928
Exploits: 0, References: 2

OSV
added 2022/08/25 6:15 p.m., 11 views

CVE-2021-42523

There are two Information Disclosure vulnerabilities in colord, and they lie in colord/src/cd-device-db.c and colord/src/cd-profile-db.c separately. They exist because the 'errmsg' of 'sqlite3exec' is not releasing after use, while libxml2 emphasizes that the caller needs to release it...

CVSS 7.5, AI score 7.5
Exploits: 0, References: 1

NVD
added 2022/08/25 6:15 p.m., 7 views

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

CVSS 7.5, EPSS 0.01066
Exploits: 1, References: 3