PT-2026-37837

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

CLSA-2025-1755708467 libxml2: Fix of 2 CVEs

CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c - CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c...

RHEL 7 : libxml2 (RHSA-2025:13789)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13789 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-bounds Read in...

RHEL 8 : libxml2 (RHSA-2025:13688)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:13688 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-bounds Read in...

CLSA-2025-1747058711 libxml2: Fix of CVE-2025-32415

CVE-2025-32415: fix heap buffer overflow in xmlSchemaIDCFillNodeTables...