9 matches found
Astra Linux - уязвимость в libxml2
In libxml2 before version 2.10.4, parsing certain invalid XSD schemas can lead to a NULL pointer dereferencing, followed by a segfault. This issue occurs in the xmlSchemaFixupComplexType function in xmlschemas.c...
K000159661: libxml2 vulnerabilities CVE-2025-32414 and CVE-2025-32415
Security Advisory Description CVE-2025-32414 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between...
OESA-2025-1459 libxml2 security update
This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX strea...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
Security update for libxml2
This update for libxml2 fixes the following issues: CVE-2024-56171: use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c bsc1237363. CVE-2025-24928: stack-based buffer overflow in xmlSnprintfElements in valid.c bsc1237370. CVE-2025-27113: NULL pointer...
SUSE CVE-2024-56171
libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be...
In libxml2 before 2.10.4 parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c.
...
CVE-2023-28484
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c...
The vulnerability of the xmlschemas.c component in the libxml2 library allows a attacker to cause a service failure.
The vulnerability of the xmlschemas.c component in the libxml2 library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability could allow a malicious actor to cause service failures...