6915 matches found

NVD
added 2025/09/05 5:15 p.m., 11 views

CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | EPSS 0.00076
Exploits: 0 | References: 1

OSV
added 2025/09/05 5:15 p.m., 2 views

UBUNTU-CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | AI score 6.2 | EPSS 0.00076
Exploits: 0 | References: 5

CVE
added 2025/09/05 4:10 p.m., 29 views

CVE-2025-26434

CVE-2025-26434 involves libxml2 with a vulnerability described as an out-of-bounds read caused by a buffer overflow. The impact is local information disclosure without requiring privileges or user interaction, as stated in the public descriptions. Connected documents corroborate the root cause as...

CVSS 5.5 | AI score 5.4 | EPSS 0.00076
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/09/05 4:10 p.m., 3 views

CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

AI score 5.4 | EPSS 0.00076
Exploits: 0 | References: 1

Snyk
added 2025/09/05 4:10 p.m., 1 view

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow. An attacker can access sensitive information by triggering a specially crafted input that causes the process to read beyond the intended memory boundaries. Remediation: Upgrade libxml2 to version 2.14.0 or higher...

CVSS 6.8 | AI score 6.6 | EPSS 0.00076
Exploits: 0 | References: 2

Snyk
added 2025/09/05 4:10 p.m., 1 view

Buffer Overflow

Overview: Affected versions of this package are vulnerable to Buffer Overflow. An attacker can access sensitive information by triggering a specially crafted input that causes the process to read beyond the intended memory boundaries. Remediation: Upgrade libxml2 to version 2.14.5 or higher...

CVSS 6.8 | AI score 6.6 | EPSS 0.00076
Exploits: 0 | References: 2

Cvelist
added 2025/09/05 4:10 p.m., 38 views

CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00076
Exploits: 0 | References: 1

Debian CVE
added 2025/09/05 4:10 p.m., 5 views

CVE-2025-26434

In libxml2, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 5.5 | AI score 5.8 | EPSS 0.00076
Exploits: 0

Tenable Nessus
added 2025/09/05 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-9714

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted...

CVSS 6.2 | AI score 5.2 | EPSS 0.00144
Exploits: 0 | References: 2

RedHat Linux
added 2025/09/04 5:5 p.m., 3 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.47 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.47 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

CVSS 8.6 | AI score 7.5 | EPSS 0.02775
Exploits: 12 | References: 6

RedHat Linux
added 2025/09/04 5:3 p.m., 4 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.23 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.23 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

CVSS 7.8 | AI score 6.7 | EPSS 0.00527
Exploits: 3 | References: 6

Microsoft CVE
added 2025/09/04 5:52 a.m., 2 views

libxml2 xmlcatalog xmlParseSGMLCatalog recursion

...

CVSS 4.8 | AI score 7 | EPSS 0.00135
Exploits: 0

Amazon
added 2025/09/04 12:0 a.m., 2 views

Important: libxml2

Issue Overview: A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the...

CVSS 7.8 | AI score 6.9 | EPSS 0.00339
Exploits: 1

OSV
added 2025/09/04 12:0 a.m., 3 views

UBUNTU-CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

CVSS 6.2 | AI score 6.2 | EPSS 0.00144
Exploits: 0 | References: 4

Tenable Nessus
added 2025/09/04 12:0 a.m., 5 views

Amazon Linux 2 : libxml2, --advisory ALAS2-2025-2977 (ALAS-2025-2977)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2977 advisory. A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management...

CVSS 7.8 | AI score 6.3 | EPSS 0.00339
Exploits: 1 | References: 4

SUSE CVE
added 2025/09/03 11:26 p.m., 1 view

SUSE CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

CVSS 6.2 | AI score 4.6 | EPSS 0.00144
Exploits: 0 | References: 10

OSV
added 2025/09/03 2:48 p.m., 3 views

ROOT-OS-DEBIAN-11-CVE-2025-7425 CVE-2025-7425 in rootio-libxml2 - Patched by Root

Root has patched CVE-2025-7425 in the rootio-libxml2 package for Root:Debian:11. Multiple fixed versions available...

CVSS 7.8 | AI score 7.9 | EPSS 0.00339
Exploits: 1

OpenVAS
added 2025/09/03 12:0 a.m., 3 views

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1894)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8 | AI score 7.2 | EPSS 0.0113
Exploits: 3 | References: 2

IBM Security Bulletins
added 2025/09/02 2:37 p.m., 10 views

Security Bulletin: DataStage on Cloud Pak for Data has several vulnerabilities due to the libxml2 package (CVE-2025-27113, CVE-2025-32414, CVE-2025-32415)

Summary: libxml2 is used by DataStage on Cloud Pak for Data as part of XML processing. Vulnerability Details: CVEID: CVE-2025-27113. DESCRIPTION: libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. CWE: CWE-476: NULL Pointer Dereference. CVSS...

CVSS 7.5 | AI score 7.9 | EPSS 0.01018
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2025/09/02 2:33 p.m., 8 views

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to a use-after-free vulnerability due to the libxml2 package (CVE-2025-49794)

Summary: libxml2 is used by DataStage on Cloud Pak for Data as part of XML processing. Vulnerability Details: CVEID: CVE-2025-49794. DESCRIPTION: A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has...

CVSS 9.1 | AI score 6.9 | EPSS 0.01437
Exploits: 1 | Affected Software: 1