OESA-2025-1701 libxml2 security update

This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...

SUSE CVE-2013-2160

The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service CPU and memory consumption via crafted XML with a large number of 1 elements, 2 attributes, 3 nested constructs, and possibly other vectors...

Improper Input Validation in Apache Santuario XML Security

Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document...

Apache CXF Denial of Service Vulnerabilities Patched

The Apache Software Foundation has patched a denial of service vulnerability in the XML parser of the Apache CXF Web services framework. Researchers, Andreas Falkenberg from Sec Consult Vulnerability Labs, and Christian Mainka, Juraj Somorovsky, and Joerg Schwenk from Ruhr-University Bochum,...