VYPR

rpm package

suse/libxml2-python&distro=SUSE Linux Enterprise Server 16.0

pkg:rpm/suse/libxml2-python&distro=SUSE%20Linux%20Enterprise%20Server%2016.0

Vulnerabilities (6)

  • CVE-2026-1757MedFeb 2, 2026
    affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1

    A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command executio

  • CVE-2026-0992LowJan 15, 2026
    affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1

    A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs

  • CVE-2026-0990MedJan 15, 2026
    affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1

    A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent iss

  • CVE-2026-0989LowJan 15, 2026
    affected < 2.13.8-160000.3.1fixed 2.13.8-160000.3.1

    A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursi

  • CVE-2025-10911MedSep 25, 2025
    affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1

    A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.

  • CVE-2025-8732LowAug 8, 2025
    affected < 2.13.8-160000.4.1fixed 2.13.8-160000.4.1

    A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has b