Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017617 advisory. ImageMagick before 7.0.9-0 allows remote attackers to cause a denial of service because XMLPARSEHUGE is not properly restricted in coders/svg.c, related to SVG and...

CVE-2024-34393

libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop...

libxmljs2 type confusion vulnerability when parsing specially crafted XML

libxmljs2 is vulnerable to type confusion when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop and remote code...

libxmljs vulnerable to type confusion when parsing specially crafted XML

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

CVE-2024-34393

Libxmljs2 contains a type confusion vulnerability related to parsing specially crafted XML and then calling attrs() on the result of a parsed node. Affected component is the libxmljs2 XML parsing path; the underlying issue is a type confusion when attrs() is invoked on the grandchild node or resu...

CVE-2024-34393 libxmljs2 attrs type confusion RCE

libxmljs2 is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop...

CVE-2024-34391 libxmljs attrs type confusion RCE

libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking a function on the result of attrs that was called on a parsed node. This vulnerability might lead to denial of service on both 32-bit systems and 64-bit systems, data leak, infinite loop a...

EulerOS Virtualization 2.11.0 : libxml2 (EulerOS-SA-2023-2091)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option...

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2023-1893)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option...

Amazon Linux AMI : libxml2 (ALAS-2023-1743)

The version of libxml2 installed on the remote host is prior to 2.9.1-6.6.42. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1743 advisory. parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the...

AIX 7.2 TL 5 : libxml2 (IJ45056)

https://vulners.com/cve/CVE-2022-40304 https://vulners.com/cve/CVE-2022-40304 Gnome ibxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a dict corruption flaw. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability...

AIX : Multiple Vulnerabilities (IJ45059)

The version of AIX installed on the remote host is prior to APAR IJ45059. It is, therefore, affected by multiple vulnerabilities as referenced in the IJ45059 advisory. - An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key,...

AIX 7.3 TL 1 : libxml2 (IJ45060)

https://vulners.com/cve/CVE-2022-40304 https://vulners.com/cve/CVE-2022-40304 Gnome ibxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a dict corruption flaw. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability...

Amazon Linux 2023 : xmlsec1, xmlsec1-devel, xmlsec1-openssl (ALAS2023-2023-097)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-097 advisory. An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several integer counters can overflow. This results in ...

EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2023-1510)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...

AlmaLinux 8 : libxml2 (ALSA-2023:0173)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0173 advisory. - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, several intege...

EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2023-1106)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...

EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2023-1130)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE parser option enabled, sever...

Amazon Linux 2022 : xmlsec1 (ALAS2022-2022-257)

The version of xmlsec1 installed on the remote host is prior to 1.2.33-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-257 advisory. - An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XMLPARSEHUGE...

libxml2: Fix of 2 CVEs

CVE-2022-40303: fix integer overflows with XMLPARSEHUGE - CVE-2022-40304: fix dict corruption caused by entity reference cycles...