rpm package
suse/libxslt&distro=SUSE Linux Micro 6.2
pkg:rpm/suse/libxslt&distro=SUSE%20Linux%20Micro%206.2
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-1757 | Med | 6.2 | < 1.1.43-160000.4.1 | 1.1.43-160000.4.1 | Feb 2, 2026 | A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command executio | |
| CVE-2026-0992 | Low | 2.9 | < 1.1.43-160000.4.1 | 1.1.43-160000.4.1 | Jan 15, 2026 | A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs | |
| CVE-2026-0990 | Med | 5.9 | < 1.1.43-160000.4.1 | 1.1.43-160000.4.1 | Jan 15, 2026 | A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent iss | |
| CVE-2025-11731 | Low | 3.1 | < 1.1.43-160000.3.1 | 1.1.43-160000.3.1 | Oct 14, 2025 | A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This c | |
| CVE-2025-10911 | Med | 5.5 | < 1.1.43-160000.3.1 | 1.1.43-160000.3.1 | Sep 25, 2025 | A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash. | |
| CVE-2025-8732 | Low | 3.3 | < 1.1.43-160000.4.1 | 1.1.43-160000.4.1 | Aug 8, 2025 | A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has b |
- affected < 1.1.43-160000.4.1fixed 1.1.43-160000.4.1
A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input is not properly released under certain conditions. When a user submits input consisting only of whitespace, the program skips command executio
- affected < 1.1.43-160000.4.1fixed 1.1.43-160000.4.1
A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs
- affected < 1.1.43-160000.4.1fixed 1.1.43-160000.4.1
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent iss
- affected < 1.1.43-160000.3.1fixed 1.1.43-160000.3.1
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This c
- affected < 1.1.43-160000.3.1fixed 1.1.43-160000.3.1
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
- affected < 1.1.43-160000.4.1fixed 1.1.43-160000.4.1
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has b