Download
| Alert*
|
oval:org.secpod.oval:def:506104
python3-libxml2 is installed oval:org.secpod.oval:def:507475 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:3301070 SUSE Security Update: Security update for libxml2 oval:org.secpod.oval:def:1506355 [2.9.7-15.1] - Fix CVE-2022-40303 - Fix CVE-2022-40304 oval:org.secpod.oval:def:1506370 [2.9.13-3] - Fix CVE-2022-40303 - Fix CVE-2022-40304 oval:org.secpod.oval:def:1505862 [2.9.13-1.1] - Fix CVE-2022-29824 oval:org.secpod.oval:def:1504919 [2.9.7-9.0.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.7-9] - Fix CVE-2020-24977 oval:org.secpod.oval:def:4500904 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use-after-free of ID and IDREF attributes For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer ... oval:org.secpod.oval:def:19500083 valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write. ... oval:org.secpod.oval:def:5800120 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write For more details about the security issue, including the impact, a CVSS score, acknowledgments, and othe ... oval:org.secpod.oval:def:2500352 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:4501333 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal in entities.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and o ... oval:org.secpod.oval:def:73582 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Buffer overflow vulnerability in xmlEncodeEntitiesInternal in entities.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and o ... oval:org.secpod.oval:def:3301233 SUSE Security Update: Security update for libxml2 oval:org.secpod.oval:def:89047653 This update for libxml2 fixes the following issues: Update to 2.9.14: - CVE-2022-29824: Fixed integer overflow that could have led to an out-of-bounds write in buf.c and tree.c . Update to version 2.9.13: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes oval:org.secpod.oval:def:2600135 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:5800014 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:2500918 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:89047705 This update for libxml2 fixes the following issues: - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles . oval:org.secpod.oval:def:4501217 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:2500215 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:2500334 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:73714 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use-after-free in xmlEncodeEntitiesInternal in entities.c * libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c * libxml2: Use-after-free in xmlXI ... oval:org.secpod.oval:def:4500068 The libxml2 library is a development toolbox providing the implementation of various XML standards. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:2500841 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:507285 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Incorrect server side include parsing can lead to XSS For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:1506167 [2.9.7-15] - Fix CVE-2016-3709 [2.9.7-14] - Fix CVE-2022-29824 oval:org.secpod.oval:def:86366 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Incorrect server side include parsing can lead to XSS For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:89051146 This update for libxml2 fixes the following issues: * CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode in tree.c . oval:org.secpod.oval:def:89051167 This update for libxml2 fixes the following issues: * CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode in tree.c . oval:org.secpod.oval:def:3301443 Security update for libxml2 oval:org.secpod.oval:def:19500495 libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when mem ... oval:org.secpod.oval:def:3301859 Security update for libxml2 oval:org.secpod.oval:def:89048770 This update for libxml2 fixes the following issues: * CVE-2023-29469: Fixed inconsistent result when hashing empty strings . * CVE-2023-28484: Fixed NULL pointer dereference in xmlSchemaFixupComplexType . The following non-security bug was fixed: * Remove unneeded dependency . oval:org.secpod.oval:def:19500038 A NULL pointer dereference exists when parsing XML schemas in libxml2 xmlSchemaCheckCOSSTDerivedOK libxml2 Hashing of empty dict strings isn't deterministic. When hashing empty strings which aren't null-terminated, xmlDictComputeFastKey could produce inconsistent results. This could lead to various ... oval:org.secpod.oval:def:89049378 This update for libxml2 fixes the following issues: * CVE-2023-39615: Fixed crafted xml can cause global buffer overflow . oval:org.secpod.oval:def:507881 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: NULL dereference in xmlSchemaFixupComplexType * libxml2: Hashing of empty dict strings isn"t deterministic For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:19500410 Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service via supplying a crafted XML file oval:org.secpod.oval:def:507897 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: NULL dereference in xmlSchemaFixupComplexType * libxml2: Hashing of empty dict strings isn"t deterministic For more details about the security issue, including the impact, a ... oval:org.secpod.oval:def:509113 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: libxml2: crafted xml can cause global buffer overflow For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refe ... oval:org.secpod.oval:def:3301590 Security update for libxml2 oval:org.secpod.oval:def:89049398 This update for libxml2 fixes the following issues: * CVE-2023-39615: Fixed crafted xml can cause global buffer overflow . oval:org.secpod.oval:def:3302825 Security update for libxml2 oval:org.secpod.oval:def:2501466 The libxml2 library is a development toolbox providing the implementation of oval:org.secpod.oval:def:89051493 This update for libxml2 fixes the following issues: * CVE-2024-25062: Fixed use-after-free in XMLReader . oval:org.secpod.oval:def:3302422 Security update for libxml2 oval:org.secpod.oval:def:1507575 [2.9.7-18.1] - Fix CVE-2024-25062 oval:org.secpod.oval:def:2600626 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:509274 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: libxml2: use-after-free in XMLReader For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page ... oval:org.secpod.oval:def:89051947 This update for libxml2 fixes the following issues: * CVE-2024-25062: Fixed use-after-free in XMLReader . |
