Advisory ROSA-SA-2025-3085

Software: libxml2 2.9.1 OS: rosa-server79 unaffected versions = libxml2-2.9.1-6.0.11.res7.6 affected versions libxml2-2.9.1-6.0.11.res7.6 CVE-ID: CVE-2025-6021 BDU-ID: 2025-07144 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...

EUVD-2024-15916

Malicious code in bioql PyPI...

Medium: libxml2

Issue Overview: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...

SUSE-SU-2025:1439-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-32414: Fixed an out-of-bounds read when parsing text via the Python API. bsc1241551 - CVE-2025-32415: Fixed a crafted XML document may lead to a heap-based buffer under-read. bsc1241453...

CVE-2025-32414

CVE-2025-32414 concerns libxml2 prior to 2.13.8 and 2.14.x prior to 2.14.2, where the Python bindings can trigger an out-of-bounds memory access due to an incorrect return value in the Python API. Affected code paths include xmlPythonFileRead and xmlPythonFileReadRaw, caused by a mismatch between...

CVE-2025-32414

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters...