Lucene search
RedHatRHSA-2024:2679HistoryMay 02, 2024 - 2:07 p.m.
(RHSA-2024:2679) Moderate: libxml2 security update
2024-05-0214:07:17
access.redhat.com
26
libxml2 library
development toolbox
xml standards
use-after-free
xmlreader
cve-2024-25062
security update
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
17.0%
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
- libxml2: use-after-free in XMLReader (CVE-2024-25062)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | ppc64le | libxml2-debuginfo | < 2.9.13-6.el9_4 | libxml2-debuginfo-2.9.13-6.el9_4.ppc64le.rpm |
| RedHat | 9 | aarch64 | python3-libxml2 | < 2.9.13-6.el9_4 | python3-libxml2-2.9.13-6.el9_4.aarch64.rpm |
| RedHat | 9 | i686 | libxml2 | < 2.9.13-6.el9_4 | libxml2-2.9.13-6.el9_4.i686.rpm |
| RedHat | 9 | i686 | libxml2-devel | < 2.9.13-6.el9_4 | libxml2-devel-2.9.13-6.el9_4.i686.rpm |
| RedHat | 9 | s390x | libxml2 | < 2.9.13-6.el9_4 | libxml2-2.9.13-6.el9_4.s390x.rpm |
| RedHat | 9 | i686 | libxml2-debugsource | < 2.9.13-6.el9_4 | libxml2-debugsource-2.9.13-6.el9_4.i686.rpm |
| RedHat | 9 | aarch64 | libxml2 | < 2.9.13-6.el9_4 | libxml2-2.9.13-6.el9_4.aarch64.rpm |
| RedHat | 9 | x86_64 | libxml2-debuginfo | < 2.9.13-6.el9_4 | libxml2-debuginfo-2.9.13-6.el9_4.x86_64.rpm |
| RedHat | 9 | x86_64 | libxml2-debugsource | < 2.9.13-6.el9_4 | libxml2-debugsource-2.9.13-6.el9_4.x86_64.rpm |
| RedHat | 9 | aarch64 | libxml2-devel | < 2.9.13-6.el9_4 | libxml2-devel-2.9.13-6.el9_4.aarch64.rpm |
Related
nessus
nessus
SUSE SLES12 Security Update : libxml2 (SUSE-SU-2024:0556-1)
2024-02-21 00:00:00
SUSE SLES15 Security Update : libxml2 (SUSE-SU-2024:0613-2)
2024-06-11 00:00:00
AIX 7.3 TL 2 : libxml2 (IJ50601)
2024-05-10 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0461-2)
2024-05-30 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1489)
2024-04-08 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1791)
2024-06-03 00:00:00
osv
osv
Use-after-free in libxml2 via Nokogiri::XML::Reader
2024-03-18 20:38:40
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062
2024-02-05 20:22:56
libxml2 vulnerability
2024-02-26 13:57:11
prion
prion
Design/Logic Flaw
2024-02-04 16:15:00
redhat
redhat
(RHSA-2024:3625) Moderate: libxml2 security update
2024-06-05 09:15:48
(RHSA-2024:3303) Moderate: libxml2 security update
2024-05-23 05:51:13
(RHSA-2024:3626) Moderate: libxml2 security update
2024-06-05 09:20:39
alpinelinux
alpinelinux
CVE-2024-25062
2024-02-04 16:15:45
slackware
slackware
[slackware-security] libxml2
2024-02-04 19:43:16
rocky
rocky
libxml2 security update
2024-06-14 13:59:16
libxml2 security update
2024-05-10 14:32:36
almalinux
almalinux
Moderate: libxml2 security update
2024-05-02 00:00:00
Moderate: libxml2 security update
2024-06-05 00:00:00
redos
redos
ROS-20240410-16
2024-04-10 00:00:00
mageia
mageia
Updated libxml2 packages fix a security vulnerability
2024-05-09 05:40:29
github
github
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062
2024-02-05 20:22:56
Use-after-free in libxml2 via Nokogiri::XML::Reader
2024-03-18 20:38:40
ubuntucve
ubuntucve
CVE-2024-25062
2024-02-04 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2024-05-07 00:00:00
libxml2 security update
2024-06-05 00:00:00
veracode
veracode
Use After Free
2024-02-06 12:32:55
cloudfoundry
cloudfoundry
USN-6658-1: libxml2 vulnerability | Cloud Foundry
2024-04-04 00:00:00
cvelist
cvelist
CVE-2024-25062
2024-02-04 00:00:00
debiancve
debiancve
CVE-2024-25062
2024-02-04 16:15:45
cloudlinux
cloudlinux
libxml2: Fix of CVE-2024-25062
2024-02-22 22:00:35
ibm
ibm
aix
aix
AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
2024-05-08 16:18:28
ubuntu
ubuntu
libxml2 vulnerability
2024-02-26 00:00:00
libxml2 vulnerability
2024-03-11 00:00:00
freebsd
freebsd
electron{27,28} -- vulnerability in libxml2
2024-03-06 00:00:00
redhatcve
redhatcve
CVE-2024-25062
2024-02-05 04:43:18
cbl_mariner
cbl_mariner
CVE-2024-25062 affecting package libxml2 for versions less than 2.10.4-4
2024-09-20 20:58:04
nvd
nvd
CVE-2024-25062
2024-02-04 16:15:45
cve
cve
CVE-2024-25062
2024-02-04 16:15:45
rubygems
rubygems
Improper Handling of Unexpected Data Type in Nokogiri
2024-02-03 21:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0730
2024-02-23 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0572
2024-02-21 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0215
2024-02-21 00:00:00
gentoo
gentoo
libxml2: Multiple Vulnerabilities
2024-02-09 00:00:00
ics
ics
Siemens SINEC NMS
2024-08-15 12:00:00
hp
hp
HP ThinPro 8.0 SP 9 Security Updates
2024-06-17 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.3
Confidence
High
EPSS
0.001
Percentile
17.0%
Related for RHSA-2024:2679