MiracleLinux 7 : libxml2-2.9.1-6.6.0.4.el7.AXS7 (AXSA:2025-10716:14)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10716:14 advisory. CVE-2025-49794: fix memory safety issues in xmlSchematronReportOutput when parsing XPath elements CVE-2025-49796: fix memory corruption issue...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: libxml2 (UTSA-2025-986099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986099 advisory. A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacke...

Unity Linux 20.1070a Security Update: libxml2 (UTSA-2025-986115)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986115 advisory. A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacke...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

libxml: Type confusion leads to Denial of service (DoS)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

ALPINE-CVE-2025-49796

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

UBUNTU-CVE-2025-49796

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined...

Out-of-bounds Read

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Out-of-bounds Read due to improper namespace processing of sch:name elements in xmlSchematronFormatReport function. An attacker can cause a denial of service or potentially execu...