6939 matches found
Vulnerabilities of the CentOS operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the libxml2-static-2.7.6 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...
The vulnerability of the Libxml2 software library for analyzing XML documents lies in the fact that an out-of-bound operation can be executed, allowing an attacker to cause a service failure.
The vulnerability of the Libxml2 software library for analyzing XML documents relates to the execution of operations beyond the acceptable data buffer limits. Exploiting this vulnerability allows a malicious actor to cause service failures...
Vulnerabilities of the Gentoo Linux operating system, which allow a remote attacker to compromise the accessibility of protected information
The multiple vulnerabilities in the libxml2 package up to version 2.7.3-r2 of the Gentoo Linux operating system can lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...
PT-2015-3363
Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description The issue is related to insufficient restriction of XML links to external objects in the libxml2 library's XML file parser. This can be exploited by a remote attacker using a specially crafte...
Nokogiri gem contains several vulnerabilities in libxml2 and libxslt
Several vulnerabilities were discovered in the libxml2 and libxslt libraries that the Nokogiri gem depends on. CVE-2015-1819 A denial of service flaw was found in the way libxml2 parsed XML documents. This flaw could cause an application that uses libxml2 to use an excessive amount of memory...
libxml2 -- Enforce the reader to run in constant memory
Daniel Veilland reports: Enforce the reader to run in constant memory. One of the operation on the reader could resolve entities leading to the classic expansion issue. Make sure the buffer used for xmlreader operation is bounded. Introduce a new allocation type for the buffers for this effect...
Fedora 20 : libxml2-2.9.1-4.fc20 (2015-4719)
fixes built in also added a couple of other entities related patches including a fix to CVE-2014-3660 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
Fedora Update for libxml2 FEDORA-2015-4719
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for libxml2 FEDORA-2015-4658
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 3057-2] libxml2 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3057-2] libxml2 regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3057-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso April 07, 2015 http://www.debian.org/security/faq -...
[SECURITY] Fedora 21 Update: libxml2-2.9.1-7.fc21
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
DSA-3057-2 libxml2 - regression update
Bulletin has no description...
libxml2 security update
CentOS Errata and Security Advisory CESA-2015:0749 Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...
CentOS 7 : libxml2 (CESA-2015:0749)
Updated libxml2 packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
CentOS Update for libxml2 CESA-2015:0749 centos7
Check the version of libxml2 SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882149";...
Oracle Linux 7 : libxml2 (ELSA-2015-0749)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0749 advisory. - Fix missing entities after CVE-2014-3660 fix - CVE-2014-0191 Do not fetch external parameter entities rhbz1195649 Tenable has extracted the preceding...
Scientific Linux Security Update : libxml2 on SL7.x x86_64 (20150330)
It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...
RedHat Update for libxml2 RHSA-2015:0749-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libxml2: external parameter entity loaded when entity substitution is disabled
It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity XXE attacks, possibly resulting ...