PT-2026-38830

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1718)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libxml2: use-after-free in XMLReader

A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

libxml2: Fix of CVE-2024-25062

CVE-2024-25062: Fix xmlValidatePopElement use-after-free in XML Reader interface with DTD validation and XInclude expansion enabled - test suite was partially activated...

CLSA-2024-1708639015 libxml2: Fix of CVE-2024-25062

CVE-2024-25062: Fix xmlValidatePopElement use-after-free when processing crafted XML documents with DTD validation and XInclude expansion enabled - test suite was partially enabled...

GLSA-202402-11 : libxml2: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202402-11 libxml2: Multiple Vulnerabilities - In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in...

OSV-2024-82 Heap-use-after-free in xmlValidatePopElement

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66154 Crash type: Heap-use-after-free READ 8 Crash state: xmlValidatePopElement xmlTextReaderValidatePop xmlTextReaderRead...

PT-2024-40852 · Libxml2 · Libxml2

Name of the Vulnerable Software and Affected Versions: libxml2 affected versions not specified Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. This error is specifically a READ 8 type, indicatin...

CVE-2024-25062

A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. Mitigation Mitigation for this issue is either not available or the currently...

AZL-34290 CVE-2024-25062 affecting package libxml2 for versions less than 2.10.4-4

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

DEBIAN-CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

CVE-2024-25062

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

libxml2 Security Vulnerabilities

libxml2 is an open source library used to parse XML documents . It is written in C and can be called by many languages, such as C, C++, XSH. A security vulnerability exists in libxml2 prior to version 2.11.7 and version 2.12.x prior to version 2.12.5, which stems from the fact that when using the...