6932 matches found
Mageia: Security Advisory (MGASA-2022-0177)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Integer Overflow or Wraparound in libxml2 affects Nokogiri
Summary Nokogiri v1.13.5 upgrades the packaged version of its dependency libxml2 from v2.9.13 to v2.9.14. libxml2 v2.9.14 addresses CVE-2022-29824. This version also includes several security-related bug fixes for which CVEs were not created, including a potential double-free, potential memory...
GHSA-CGX6-HPWQ-FHV5 Integer Overflow or Wraparound in libxml2 affects Nokogiri
Summary Nokogiri v1.13.5 upgrades the packaged version of its dependency libxml2 from v2.9.13 to v2.9.14. libxml2 v2.9.14 addresses CVE-2022-29824. This version also includes several security-related bug fixes for which CVEs were not created, including a potential double-free, potential memory...
OESA-2022-1658 libxml2 security update
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
Fedora: Security Advisory for libxml2 (FEDORA-2022-f624aad735)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-3012-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-3012-1 : libxml2 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3012 advisory. Felix Wilhelm discovered that libxml2, the GNOME XML library, did not correctly check for integer overflows or used wrong types for buffer sizes. This could result in...
Ubuntu: Security Advisory (USN-5422-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-3012-1 libxml2 - security update
Bulletin has no description...
[SECURITY] [DLA 3012-1] libxml2 security update
Debian LTS Advisory DLA-3012-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 17, 2022 https://wiki.debian.org/LTS Package : libxml2 Version : 2.9.4+dfsg1-2.2+deb9u7 CVE ID : CVE-2022-29824 Debian Bug : 1010526 Felix Wilhelm discovered that libxml2, the GNOME...
USN-5422-1: libxml2 vulnerabilities
Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. CVE-2022-23308 It was...
USN-5422-1 libxml2 vulnerabilities
Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. CVE-2022-23308 It was...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : libxml2 vulnerabilities (USN-5422-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5422-1 advisory. Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue ...
ROS-20220516-08
A vulnerability in the libxml2 XML document parsing library is related to an integer overflow in several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted multi-gigabyte XML file to...
Fedora: Security Advisory for libxml2 (FEDORA-2022-be6d83642a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 35 Update: libxml2-2.9.14-1.fc35
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...
GHSA-X2FM-93WW-GGVX Nokogiri gem, via libxml, is affected by DoS vulnerabilities
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...
Updated libxml2 packages fix security vulnerability
In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...
MGASA-2022-0177 Updated libxml2 packages fix security vulnerability
In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer...