6932 matches found
CVE-2021-3596
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...
CVE-2021-3596
A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt and uses the value directly, which leads to a crash and segmentation fault...
Security Bulletin: Libxml2 vulnerabilities in Network Intrusion Prevention System (CVE-2014-0191, CVE-2013-2877, CVE-2014-3660, CVE-2013-5211)
Summary Security vulnerabilities have been discovered in the libxml2 component of IBM Security Network Intrusion Prevention System. Vulnerability Details CVEID: CVE-2014-0191 DESCRIPTION: Libxml2 is vulnerable to a denial of service, caused by the expansion of internal entities within the...
libxml2 Resource Management Error Vulnerability (CNVD-2022-21487)
libxml2 is an open source library for parsing XML documents. It is written in C and can be called by multiple languages, such as C, C, XSH. libxml2 suffers from a resource management error vulnerability that can be exploited by attackers to threaten alerts that affect software or systems...
CVE-2022-23308
A flaw was found in libxml2. A call to the xmlGetID function can return a pointer already freed when parsing an XML document with the XMLPARSEDTDVALID option and without the XMLPARSENOENT option, resulting in a use-after-free issue...
libxml2 资源管理错误漏洞
libxml2 is an open source library for parsing XML documents. It is written in C and can be called by multiple languages, such as C, C, XSH. libxml2 suffers from a resource management error vulnerability that can be exploited by attackers to threaten alerts that affect software or systems...
Update packaged libxml2 (2.9.12 → 2.9.13) and libxslt (1.1.34 → 1.1.35)
Summary Nokogiri v1.13.2 upgrades two of its packaged dependencies: vendored libxml2 from v2.9.12 to v2.9.13 vendored libxslt from v1.1.34 to v1.1.35 Those library versions address the following upstream CVEs: libxslt: CVE-2021-30560 CVSS 8.8, High severity libxml2: CVE-2022-23308 Unspecified...
PT-2022-1917
Name of the Vulnerable Software and Affected Versions libxml2 versions prior to 2.9.13 Description The issue is related to a use-after-free of ID and IDREF attributes in the valid.c file of the libxml2 library, which is used for XML document analysis. This can be exploited by a remote attacker to...
EulerOS Virtualization 3.0.6.6 : libxml2 (EulerOS-SA-2022-1131)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed ...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1131)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2022-1082)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : libxml2 (EulerOS-SA-2022-1082)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed ...
Rocky Linux 8 : libxml2 (RLSA-2021:2569)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2569 advisory. - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigg...
AlmaLinux 8 : libxml2 (ALSA-2021:1597)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2021:1597 advisory. - GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit...
AlmaLinux 8 : libxml2 (ALSA-2021:2569)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:2569 advisory. - There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger...
AlmaLinux 8 : libxml2 (ALSA-2020:4479)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4479 advisory. - xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc-oldNs. CVE-2019-19956 - xmlSchemaPreRun in...
Mageia: Security Advisory (MGASA-2016-0263)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0050)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0214)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0101)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...