Alibaba Cloud Linux 3 : 0104: libxml2 (ALINUX3-SA-2026:0104)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0104 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-9714: Uncontrolled recursion inXPath...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-11.0.0.1)

The version of AHV installed on the remote host is prior to AHV-11.0.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-11.0.0.1 advisory. - Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to...

Unity Linux 20.1070e Security Update: libxml2 (UTSA-2025-993313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993313 advisory. Uncontrolled recursion inXPath evaluationin libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPa...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.19 LTS and 12.19.0 address the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: libxml2 (UTSA-2025-991295)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991295 advisory. Uncontrolled recursion inXPath evaluationin libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPa...

ROS-20251111-01

A vulnerability in the libxml2 library for manipulating XML and HTML files is related to uncontrolled recursion during the XPath computation in the xmlXPathRunEval function in xpath.c. Exploitation of the vulnerability could allow an an attacker to cause a denial of service A vulnerability in the...

CLSA-2025-1760020147 Fix CVE(s): CVE-2025-9714

SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted XPath expressions - debian/patches/CVE-2025-9714-.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows...

CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...

SUSE CVE-2025-9714

Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions xmlXPathRunEval, xmlXPathCtxtCompile, and xmlXPathEvalExpr were resetting recursion depth to zero before...