MiracleLinux 8 : libxml2-2.9.7-15.el8 (AXSA:2022-4126:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4126:06 advisory. libxml2: Incorrect server side include parsing can lead to XSS CVE-2016-3709 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : libxml2-2.9.13-14.el9_7 (AXSA:2025-11552:17)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11552:17 advisory. libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 Tenable has extracted the preceding description...

Advisory ROSA-SA-2025-3097

Software: libxml2 2.9.7 OS: ROSA Virtualization 2.1 packageevrstring: libxml2-2.9.7-18.rv3.2 CVE-ID: CVE-2023-39615 BDU-ID: 2023-05968 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlsax2startelement function of the libxml2 library is caused by a buffer overflow. Exploitation of the...

Advisory ROSA-SA-2025-3073

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 unaffected versions = libxml2-2.9.7-21.0.1.rv30.3 affected versions libxml2-2.9.7-21.0.1.1.rv30.3 CVE-ID: CVE-2025-6021 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...

Advisory ROSA-SA-2025-3054

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.1 unaffected versions = libxml2-2.9.7-21.0.1.rv31.3 affected versions libxml2-2.9.7-21.0.1.1.rv31.3 CVE-ID: CVE-2025-6021 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlBuildQName function of the Libxml2 library is related to a...

Advisory ROSA-SA-2025-2962

Software: libxml2 2.9.7 OS: ROSA Virtualization 3.0 unaffected versions = libxml2-2.9.7-20.0.2.2.rv30 affected versions libxml2-2.9.7-20.0.2.2.rv30 CVE-ID: CVE-2023-45322 BDU-ID: 2023-06827 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the xmlUnlinkNode function tree.c of the libxml2 library is...

RHSA-2025:13312 Red Hat Security Advisory: libxml2 security update

Bulletin has no description...

SUSE-SU-2025:02620-1 Security update for libxml2

This update for libxml2 fixes the following issues: - CVE-2025-7425: Fixed heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr bsc1246296...

[R1] Nessus Version 10.8.5 Fixes Multiple Vulnerabilities

R1 Nessus Version 10.8.5 Fixes Multiple Vulnerabilities Arnie Cabral Mon, 06/30/2025 - 12:10 Nessus leverages third-party software to help provide underlying functionality. Several of the third-party components libxml2, libxslt were found to contain vulnerabilities, and updated versions have been...

Important: libxml2

Issue Overview: A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. CVE-2025-6021 Affected Packages:...

CBL Mariner 2.0 Security Update: libxml2 (CVE-2022-49043)

The version of libxml2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-49043 advisory. - xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. CVE-2022-49043 Note that...