rpm package
suse/libxml2&distro=SUSE Linux Micro 6.2
pkg:rpm/suse/libxml2&distro=SUSE%20Linux%20Micro%206.2
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-1757 | Med | 6.2 | < 2.13.8-160000.4.1 | 2.13.8-160000.4.1 | Feb 2, 2026 | A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command executio | |
| CVE-2026-0992 | Low | 2.9 | < 2.13.8-160000.4.1 | 2.13.8-160000.4.1 | Jan 15, 2026 | A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs | |
| CVE-2026-0990 | Med | 5.9 | < 2.13.8-160000.4.1 | 2.13.8-160000.4.1 | Jan 15, 2026 | A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent iss | |
| CVE-2026-0989 | Low | 3.7 | < 2.13.8-160000.3.1 | 2.13.8-160000.3.1 | Jan 15, 2026 | A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursi | |
| CVE-2025-10911 | Med | 5.5 | < 2.13.8-160000.4.1 | 2.13.8-160000.4.1 | Sep 25, 2025 | A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash. | |
| CVE-2025-8732 | Low | 3.3 | < 2.13.8-160000.4.1 | 2.13.8-160000.4.1 | Aug 8, 2025 | A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has b |
- affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1
A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command executio
- affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1
A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs
- affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent iss
- affected < 2.13.8-160000.3.1fixed 2.13.8-160000.3.1
A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursi
- affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
- affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has b