Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-2105)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-2048)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerabilities in libxml2 library (CVE-2025-6021, CVE-2025-49794, CVE-2025-49796) affect Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2025-6021 DESCRIPTION: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a...

CLSA-2025-1757415450 libxml2: Fix of 2 CVEs

CVE-2025-7425: fix heap-use-after-free in xmlFreeID caused by 'atype' corruption - CVE-2025-6021: fix integer overflows in buffer size calculations...

Advisory ROSA-SA-2025-2962

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 unaffected versions = libxml2-2.9.7-20.0.2.2.rv30 affected versions libxml2-2.9.7-20.0.2.2.rv30 CVE-ID: CVE-2023-45322 BDU-ID: 2023-06827 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlUnlinkNode function tree.c of the libxml2 library is...

Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32414) affects Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32414 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings...

SUSE CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

[slackware-security] libxml2

New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.9-i586-7slack15.0.txz: Rebuilt. This update fixes a security issue: PATCH regexp: Avoid integer overflow and OOB array...

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

RLSA-2025:13203 Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables CVE-2025-32415 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

libxml2 security update

2.9.1-6.0.11.6 - Fix CVE-2025-32415: Fix heap buffer overflow Orabug: 38310750...

Important: libxml2

Issue Overview: A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the...

RockyLinux 8 : libxml2 (RLSA-2025:13203)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:13203 advisory. libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables CVE-2025-32415 Tenable has extracted the preceding description block directly from the RockyLinux...

Oracle Linux 7 : libxml2 (ELSA-2025-13789)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-13789 advisory. 2.9.1-6.0.11.6 - Fix CVE-2025-32415: Fix heap buffer overflow Orabug: 38310750 Tenable has extracted the preceding description block directly from the Oracle...

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2025-1154)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1154 advisory. A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.3.0.2)

The version of AHV installed on the remote host is prior to AHV-10.3.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.3.0.2 advisory. - There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the...

CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Mitigation Mitigation for this issue is either not available or the current...

Linux Distros Unpatched Vulnerability : CVE-2025-26434

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution...

Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images

Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploi...

CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...