Debian Bug report logs -
#1006489
libxml2: CVE-2022-23308: Use-after-free of ID and IDREF attributes
Package:
src:libxml2;
Maintainer for src:libxml2 is Debian XML/SGML Group <debian-xml-sgml-pkgs@lists.alioth.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Sat, 26 Feb 2022 10:03:01 UTC
Sever ...
Several security issues were fixed in libxml2 ...
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes (CVE-2022-23308) ...
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name (CVE-2017-16931)
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been ...
Synopsis
Moderate: libxml2 security update
Type/Severity
Security Advisory: Moderate
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a se ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift GitOps 1.4. OpenShift GitOps v1.4.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2 (GitOps v1.2.3). Re ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update
Type/Severity
Security Advisory: Important
Topic
Updated packages that provide Red Hat JBoss Core Services Apache HTTP Server 2 ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP11 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Service Pack 11 zip release for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, and Microsoft Windows is available. Red Hat Product Securit ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 1.7.1 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 1.7.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift GitOps 1.3. OpenShift GitOps v1.3.6 for OCP 4.7+. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Moderate: Gatekeeper Operator v0.2 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Gatekeeper Operator v0.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f ...
Synopsis
Low: Release of OpenShift Serverless Version 1.22.0
Type/Severity
Security Advisory: Low
Topic
OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.4.3 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.4.3 General Availability release images. This update provides security fixes, bug fixes, and updates the container images. Red Hat Product Security has ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 1.5.4 security update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which g ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.3.8 security and container updates
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.3.8 General Availability release images, which provide security and container updates. Red Hat Product Security has rated this update as having a securit ...
Use-after-free of ID and IDREF attributes in valid.c ...
LTS-96 has been updated in the LTS channel to 96.0.4664.208 (Platform Version: 14268.83.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here. This update contains multiple Security fixes, including: 1278608 High CVE-2021-43527 Security: CA certificate import exploitable with lar ...
LTS-96 has been updated in the LTS channel to 96.0.4664.209 (Platform Version: 14268.84.0) for most ChromeOS devices. Want to know more about Long-term Support? Click here. This update contains multiple Security fixes, including: 1316946 High CVE-2022-1638 [v8] Integer overflow leading to OOB/CHECK in icu_71: ...
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes (CVE-2022-23308).
A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write (CVE-2022-29824) ...
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
Apple security documents reference vulnerabilities by CVE-ID  ...