Download
| Alert*
oval:org.secpod.oval:def:19500062
An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. An iss ... oval:org.secpod.oval:def:507464 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:86193 The host is installed with Apple Mac OS 11 before 11.7.2 or Apple Mac OS 12 before 12.6.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application which fails to handle unknown vector. Successful exploitation allows a remote user to cause unexpected app termina ... oval:org.secpod.oval:def:507475 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:86540 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:85801 The host is installed with Apple Mac OS 13 before 13.0.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle issues in checks. On successful exploitation, a remote user may be able to cause unexpected app termination or arbi ... oval:org.secpod.oval:def:3301070 SUSE Security Update: Security update for libxml2 oval:org.secpod.oval:def:85798 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. On successful exploitation, a remote user may be able to cause unexpected app termination or arb ... oval:org.secpod.oval:def:610239 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. CVE-2022-40303 Maddie Stone discovered that missing safety checks in several functions can result in integer overflows when parsing a XML document with the XML_PARSE_HUGE opt ... oval:org.secpod.oval:def:1506355 [2.9.7-15.1] - Fix CVE-2022-40303 - Fix CVE-2022-40304 oval:org.secpod.oval:def:1506370 [2.9.13-3] - Fix CVE-2022-40303 - Fix CVE-2022-40304 oval:org.secpod.oval:def:19500083 valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write. ... oval:org.secpod.oval:def:2600135 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:124335 This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream o ... oval:org.secpod.oval:def:124334 XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards XML Digital Signature and XML Encryption. oval:org.secpod.oval:def:2107265 Oracle Solaris 11 - ( CVE-2022-40304 ) oval:org.secpod.oval:def:5800014 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:2500918 The libxml2 library is a development toolbox providing the implementation of various XML standards. oval:org.secpod.oval:def:89047705 This update for libxml2 fixes the following issues: - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles . oval:org.secpod.oval:def:4501217 The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix: * libxml2: integer overflows with XML_PARSE_HUGE * libxml2: dict corruption caused by entity reference cycles For more details about the security issue, including the impact, a CVSS sc ... oval:org.secpod.oval:def:1701240 An issue was discovered in libxml2 before 2.10.3. When parsing a multi-gigabyte XML document with the XML_PARSE_HUGE parser option enabled, several integer counters can overflow. This results in an attempt to access an array at a negative 2GB offset, typically leading to a segmentation fault. An iss ... oval:org.secpod.oval:def:707843 libxml2: GNOME XML library Several security issues were fixed in libxml2. oval:org.secpod.oval:def:88425 Several vulnerabilities were discovered in libxml2, a library providing support to read, modify and write XML and HTML files. CVE-2022-40303 Maddie Stone discovered that missing safety checks in several functions can result in integer overflows when parsing a XML document with the XML_PARSE_HUGE opt ... oval:org.secpod.oval:def:97692 [CLSA-2022:1670521677] libxml2: Fix of 2 CVEs oval:org.secpod.oval:def:90236 The remote host is missing a patch containing a security fix, which affects the following packages: bos.rte.control. For more information please visit vendor advisory link. oval:org.secpod.oval:def:86187 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues. Successful exploitation allow attackers to execute arbitrary code, cause denial of service or di ... oval:org.secpod.oval:def:86186 The host is missing a security update according to Apple advisory and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. On successful exploitation, an application may be able to execute arbitrary code with kernel privi ... oval:org.secpod.oval:def:3300847 SUSE Security Update: Security update for libxml2 oval:org.secpod.oval:def:1601696 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml ... oval:org.secpod.oval:def:89047841 This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability . - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles . oval:org.secpod.oval:def:89047730 This update for libxml2 fixes the following issues: - CVE-2016-3709: Fixed possible XSS vulnerability . - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE . - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles . |