CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

PT-2022-11606 · Anjuta +2 · Anjuta +2

Name of the Vulnerable Software and Affected Versions: Anjuta affected versions not specified Description: The issue is caused by the incorrect use of the libxml2 API in the anjuta/plugins/document-manager/anjuta-bookmarks.c file. Specifically, the vendor forgot to call g free to release the retu...

GNOME Anjuta DevStudio 信息泄露漏洞

GNOME Anjuta DevStudio is a versatile integrated development environment IDE based on the GNOME desktop environment and features many advanced programming tools. A security vulnerability exists in GNOME Anjuta DevStudio that stems from its anjuta/plugins/document-manager/anjuta-bookmarks.c...

CVE-2021-42521

VTK vulnerability CVE-2021-42521: a NULL pointer dereference in IO/Infovis/vtkXMLTreeReader.cxx due to the vendor not checking xmlDocGetRootElement’s return value. Affected: VTK before 9.2.5. Impact: possible crash of the application. Root cause: potential NULL dereference when parsing XML with l...

SUSE SLES15 Security Update : python-lxml (SUSE-SU-2022:2878-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:2878-1 advisory. - CVE-2022-2309: Fixed NULL pointer dereference due to state leak between parser runs bsc1201253. Tenable has extracted the preceding...

Mageia: Security Advisory (MGASA-2022-0290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated libxml2 packages fix security vulnerability

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code CVE-2016-3709...

MGASA-2022-0290 Updated libxml2 packages fix security vulnerability

It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code CVE-2016-3709...

Security Bulletin: IBM InfoSphere Identity Insight vulnerabilities in third party libraries (CVE-2021-39239, CVE-2022-23308, CVE-2021-29424, CVE-2020-15250, 177835)

Summary A vulnerability in the libxml2 library can cause a denial of service in IBM InfoSphere Identity Insight. Other vulnerabilities that do not impact Identity Insight are present in four libraries that are currently included with the product but not used. Vulnerability Details...

OESA-2022-1829 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

OESA-2022-1828 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

Important Photon OS Security Update - PHSA-2022-3.0-0434

Updates of 'libxml2' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-0227

Updates of 'libxml2' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-4.0-0227

Updates of 'libxml2' packages of Photon OS have been released...

lxml: Multiple Vulnerabilities

Background lxml is a Pythonic binding for the libxml2 and libxslt libraries. Description Multiple vulnerabilities have been discovered in lxml. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...

GLSA-202208-06 : lxml: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-06 lxml: Multiple Vulnerabilities - An XSS vulnerability was discovered in python-lxml's clean module versions before 4.6.3. When disabling the safeattrsonly and forms arguments, the Cleaner class does not remove the...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty

Summary Multiple issues were identified in Red Hat UBIubi8/ubi-minimal v8.6-x packages Golang Go, libxml2, curl, expat ,libgcrypt and IBM WebSphere Application Server Liberty that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS : libxml2 vulnerability (USN-5548-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5548-1 advisory. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to execute arbitrary code...

Ubuntu: Security Advisory (USN-5548-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...