Download
| Alert*
oval:org.secpod.oval:def:1700734
There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availab ... oval:org.secpod.oval:def:2106968 Oracle Solaris 11 - ( CVE-2021-3518 ) oval:org.secpod.oval:def:121511 Qt5 - QtWebEngine components. oval:org.secpod.oval:def:1700653 GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. There is a flaw in the xml entity encoding functionality of libxml2. An attacker who is able to supply a crafted file to be proce ... oval:org.secpod.oval:def:2500334 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:73714 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use-after-free in xmlEncodeEntitiesInternal in entities.c * libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c * libxml2: Use-after-free in xmlXI ... oval:org.secpod.oval:def:4500068 The libxml2 library is a development toolbox providing the implementation of various XML standards. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:75578 The host is installed with Oracle Java SE through 8u301 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxml). Successful exploitation allows attackers to affect Confidentiality, Integrity and Availability. oval:org.secpod.oval:def:706050 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:89044322 This update for libxml2 fixes the following issues: Security issues fixed: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:x ... oval:org.secpod.oval:def:97592 [CLSA-2022:1641903536] Fixed 8 CVEs in libxml2 oval:org.secpod.oval:def:1505507 [2.9.7-12] - Fix CVE-2022-23308 [2.9.7-11] - Fix CVE-2021-3541 [2.9.7-10] - Fix CVE-2021-3516 - Fix CVE-2021-3517 - Fix CVE-2021-3518 - Fix CVE-2021-3537 oval:org.secpod.oval:def:120342 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:89044283 This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal . - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesIntern ... oval:org.secpod.oval:def:73703 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:89044308 This update for libxml2 fixes the following issues: Security issues fixed: CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xml ... oval:org.secpod.oval:def:75494 The host is installed with Oracle Java SE through 8u301 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxml). Successful exploitation allows attackers to affect Confidentiality, Integrity and Availability. oval:org.secpod.oval:def:89047107 This update for libxml2 fixes the following issues: - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInternal . - CVE-2021-3516: Fixed a use after free in entities.c:xmlEncodeEntitiesIntern ... oval:org.secpod.oval:def:120150 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:89047293 This update for libxml2 fixes the following issues: - CVE-2021-3537: NULL pointer dereference in valid.c:xmlValidBuildAContentModel - CVE-2021-3518: Fixed a use after free in xinclude.c:xmlXIncludeDoProcess . - CVE-2021-3517: Fixed a heap based buffer overflow in entities.c:xmlEncodeEntitiesInterna ... oval:org.secpod.oval:def:73458 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:506241 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: Use-after-free in xmlEncodeEntitiesInternal in entities.c * libxml2: Heap-based buffer overflow in xmlEncodeEntitiesInternal in entities.c * libxml2: Use-after-free in xmlXI ... oval:org.secpod.oval:def:73457 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:73696 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:75560 The host is installed with Oracle Java SE through 8u301 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxml). Successful exploitation allows attackers to affect Confidentiality, Integrity and Availability. oval:org.secpod.oval:def:1505003 [2.9.7-9.0.1] - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball [2.9.7-9.2] - Fix CVE-2021-3541 [2.9.7-9.1] - Fix CVE-2021-3516 - Fix CVE-2021-3517 - Fix CVE-2021-3518 - Fix CVE-2021-3537 oval:org.secpod.oval:def:75408 The host is installed with Oracle Java SE through 8u301, or Azul Zulu 8 before 8.57, 11 before 11.51, 13 before 13.43, or 15 before 15.35 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle vectors related to JavaFX (libxml). Successful exploitat ... oval:org.secpod.oval:def:1601696 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml ... oval:org.secpod.oval:def:121575 Qt5 - QtWebEngine components. |