Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current libxml2 Vulnerability (SSA:2022-059-01)
The version of libxml2 installed on the remote host is prior to 2.9.13. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-059-01 advisory. - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. CVE-2022-23308 Note that Nessus has not tested f...
Use After Free
libxml2.so is vulnerable to use after free. The vulnerability exists in ID and IDREF attributes of several functions in valid.c due to a lack of validation, which leads to an application crash...
DEBIAN-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
ALPINE-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
AZL-8862 CVE-2022-23308 affecting package libxml2 for versions less than 2.9.13-1
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
Design/Logic Flaw
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
UBUNTU-CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
CVE-2022-23308
CVE-2022-23308 affects libxml2 before 2.9.13, caused by a use-after-free in ID/IDREF attributes in valid.c. The NVD data shows a CVSS 3.1 base score of 7.5 (NETWORK, PR:N, UI:N, S:U, C:N/I:N/A:H) and CVSS 2.0 base score of 4.3 (NETWORK, A:P). Connected advisories confirm the same flaw and referen...
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
CVE-2022-23308
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes...
Vulnerable dependencies in Nokogiri
Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: - vendored libxml2 from v2.9.12 to v2.9.13 - vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: - libxslt: CVE-2021-30560 CVSS 8.8, High severity - libxml2: CVE-2022-23308...
GHSA-FQ42-C5RG-92C2 Vulnerable dependencies in Nokogiri
Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: - vendored libxml2 from v2.9.12 to v2.9.13 - vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: - libxslt: CVE-2021-30560 CVSS 8.8, High severity - libxml2: CVE-2022-23308...
ImageMagick code issue vulnerability (CNVD-2022-18008)
ImageMagick is a set of open source image processing software from the American company ImageMagick Studio. The software can read, convert, or write images in a variety of formats. ImageMagick has a security vulnerability that stems from a null pointer...
Fedora: Security Advisory for libxml2 (FEDORA-2022-b661dea83d)
The remote host is missing an update for the...
[SECURITY] Fedora 35 Update: libxml2-2.9.13-1.fc35
This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTD support, which includes parsing and validation even with complex DTDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
CVE-2021-3596
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and using the value directly, which leads to a crash and segmentation fault...