Vulnerability Name:

CVE-2009-2416 (CCN-52321)

Assigned:2009-08-10
Published:2009-08-10
Updated:2023-02-13
Summary:Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.3 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.3 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Athentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.3 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): 
Access Complexity (AC): 
Authentication (Au): 
Impact Metrics:Confidentiality (C): 
Integrity (I): 
Availibility (A): 
Vulnerability Type:CWE-416
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2009-1885

Source: MITRE
Type: CNA
CVE-2009-2416

Source: CCN
Type: Google Chrome Releases
CVE-2009-2935 Unauthorized memory read from Javascript

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: RHSA-2009-1206
Moderate: libxml and libxml2 security update

Source: CCN
Type: SA36174
Python XML Processing Denial of Service Vulnerabilities

Source: CCN
Type: SA36201
Xerces-C++ XML DTD Structures Parsing Denial of Service

Source: CCN
Type: SA36207
libxml2 DTD Parsing Denial of Service Vulnerabilities

Source: CCN
Type: SA36417
Google Chrome Multiple Vulnerabilities

Source: CCN
Type: SA36811
Sun StarOffice / StarSuite XML Parsing Multiple Vulnerabilities

Source: CCN
Type: SA37346
Apple Safari Multiple Vulnerabilities

Source: CCN
Type: Sun Alert ID: 266088
Security Vulnerability in StarOffice/StarSuite 8 and 9 Related to XML Document Processing may Lead to Arbitrary Code Execution

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Apple Safari Web site
About the security content of Safari 4.0.4

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Apache-SVN Repository
Revision 781488

Source: CCN
Type: CERT-FI Web site
CERT-FI Advisory on XML libraries

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: Patch
secalert@redhat.com

Source: DEBIAN
Type: DSA-1859
libxml2 -- several vulnerabilities

Source: DEBIAN
Type: DSA-1861
libxml -- several vulnerabilities

Source: CCN
Type: GLSA-201009-07
libxml2: Denial of Service

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: OSVDB ID: 56859
Apache Xerces-C++ Multiple Sub-project XML Nested DTD Structures Parsing Recursion Error DoS

Source: CCN
Type: OSVDB ID: 57027
Python libexpat Malformed XML Input DoS

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: BID-35986
Xerces-C++ Nested DTD Structure XML Parsing Remote Denial of Service Vulnerability

Source: CCN
Type: BID-35988
Python Expat Wrapper Library Unspecified XML Parsing Remote Denial of Service Vulnerability

Source: CCN
Type: BID-36010
libxml2 Multiple Memory Corruption Vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: USN-815-1
libxml2 vulnerabilities

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla Bug 515205
CVE-2009-2416 libxml, libxml2, mingw32-libxml2: Pointer use-after-free flaws by parsing Notation and Enumeration attribute types

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: XF
Type: UNKNOWN
xerces-c-dtd-dos(52321)

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: secalert@redhat.com
Type: UNKNOWN
secalert@redhat.com

Source: SUSE
Type: SUSE-SR:2009:013
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:014
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2009:015
SUSE Security Summary Report

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2009-2416 (CCN-52947)

    Assigned:2009-08-07
    Published:2009-08-07
    Updated:2009-08-07
    Summary:Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
    CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): None
    Integrity (I): None
    Availibility (A): Low
    CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
    3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
    3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Athentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    4.3 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
    3.2 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
    Exploitability Metrics:Access Vector (AV): 
    Access Complexity (AC): 
    Authentication (Au): 
    Impact Metrics:Confidentiality (C): 
    Integrity (I): 
    Availibility (A): 
    Vulnerability Type:CWE-416
    Vulnerability Consequences:Denial of Service
    References:Source: MITRE
    Type: CNA
    CVE-2009-2416

    Source: CCN
    Type: RHSA-2009-1206
    Moderate: libxml and libxml2 security update

    Source: CCN
    Type: SA36207
    libxml2 DTD Parsing Denial of Service Vulnerabilities

    Source: CCN
    Type: SA36417
    Google Chrome Multiple Vulnerabilities

    Source: CCN
    Type: SA36811
    Sun StarOffice / StarSuite XML Parsing Multiple Vulnerabilities

    Source: CCN
    Type: SA37346
    Apple Safari Multiple Vulnerabilities

    Source: CCN
    Type: Sun Alert ID: 266088
    Security Vulnerability in StarOffice/StarSuite 8 and 9 Related to XML Document Processing may Lead to Arbitrary Code Execution

    Source: CCN
    Type: Apple Web site
    About Security Update 2009-006 / Mac OS X v10.6.2

    Source: CCN
    Type: Apple Safari Web site
    About the security content of Safari 4.0.4

    Source: CCN
    Type: CERT-FI Web site
    CERT-FI Advisory on XML libraries

    Source: DEBIAN
    Type: DSA-1859
    libxml2 -- several vulnerabilities

    Source: DEBIAN
    Type: DSA-1861
    libxml -- several vulnerabilities

    Source: CCN
    Type: GLSA-201009-07
    libxml2: Denial of Service

    Source: CCN
    Type: BID-36010
    libxml2 Multiple Memory Corruption Vulnerabilities

    Source: CCN
    Type: USN-815-1
    libxml2 vulnerabilities

    Source: CCN
    Type: libxml Web site
    The XML C parser and toolkit of Gnome

    Source: XF
    Type: UNKNOWN
    libxml2-notation-enumeration-dos(52947)

    Source: SUSE
    Type: SUSE-SR:2009:013
    SUSE Security Summary Report

    Source: SUSE
    Type: SUSE-SR:2009:015
    SUSE Security Summary Report

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*
  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*
  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*
  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*
  • OR cpe:/a:xmlsoft:libxml2:2.6.32:*:*:*:*:*:*:*
  • OR cpe:/a:xmlsoft:libxml2:2.6.16:*:*:*:*:*:*:*
  • OR cpe:/a:xmlsoft:libxml2:2.6.26:*:*:*:*:*:*:*
  • OR cpe:/a:xmlsoft:libxml2:2.6.27:*:*:*:*:*:*:*
  • OR cpe:/a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:6.06:*:lts:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:x86-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:x86_64:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.4_beta:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2008.1:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu:8.04:*:lts:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.0:-:x86_64:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2.1:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:5.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.0b:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.1b:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.2b:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.0.3b:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.1.0b:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:3.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:linux:2009.1:*:*:*:x86_64:*:*:*
  • OR cpe:/a:apple:safari:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apple:safari:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x:10.6.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:*:*:*:*
  • OR cpe:/o:mandriva:enterprise_server:5:*:*:*:x86_64:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:42389
    P
    Security update for kernel-firmware (Moderate)
    2022-05-25
    oval:org.opensuse.security:def:20092416
    V
    CVE-2009-2416
    2022-05-20
    oval:org.opensuse.security:def:42182
    P
    Security update for gzip (Important)
    2022-05-10
    oval:org.opensuse.security:def:31328
    P
    Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important)
    2021-12-14
    oval:org.opensuse.security:def:31709
    P
    Security update for java-1_8_0-openjdk (Important)
    2021-11-23
    oval:org.opensuse.security:def:32225
    P
    Security update for postgresql10 (Important)
    2021-11-22
    oval:org.opensuse.security:def:26162
    P
    Security update for pcre (Moderate)
    2021-11-10
    oval:org.opensuse.security:def:31697
    P
    Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:31294
    P
    Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:31698
    P
    Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:31696
    P
    Security update for postgresql10 (Important)
    2021-10-20
    oval:org.opensuse.security:def:32203
    P
    Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:26134
    P
    Security update for the Linux Kernel (Important)
    2021-09-23
    oval:org.opensuse.security:def:31686
    P
    Security update for xen (Important)
    2021-09-23
    oval:org.opensuse.security:def:31254
    P
    Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-08-25
    oval:org.opensuse.security:def:26109
    P
    Security update for unrar (Moderate)
    2021-08-25
    oval:org.opensuse.security:def:32164
    P
    Security update for java-1_8_0-openjdk (Important)
    2021-08-20
    oval:org.opensuse.security:def:31667
    P
    Security update for fetchmail (Moderate)
    2021-08-18
    oval:org.opensuse.security:def:31243
    P
    Security update for cpio (Important)
    2021-08-14
    oval:org.opensuse.security:def:26101
    P
    Security update for php74 (Important)
    2021-08-06
    oval:org.opensuse.security:def:31242
    P
    Security update for djvulibre (Important)
    2021-08-05
    oval:org.opensuse.security:def:32151
    P
    Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-07-27
    oval:org.opensuse.security:def:32946
    P
    Security update for freeradius-server (Moderate)
    2021-06-11
    oval:org.opensuse.security:def:36509
    P
    libxml2-devel-2.7.6-0.31.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42638
    P
    libxml2-2.7.6-0.31.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36231
    P
    libxml2-2.7.6-0.31.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:26070
    P
    Security update for spice (Important)
    2021-06-08
    oval:org.opensuse.security:def:32115
    P
    Security update for spice (Important)
    2021-06-08
    oval:org.opensuse.security:def:36508
    P
    libxml-1.8.17-481.19.2 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:26065
    P
    Security update for polkit (Important)
    2021-06-03
    oval:org.opensuse.security:def:26058
    P
    Security update for postgresql10 (Moderate)
    2021-05-27
    oval:org.opensuse.security:def:26059
    P
    Security update for postgresql12 (Moderate)
    2021-05-27
    oval:org.opensuse.security:def:26057
    P
    Security update for libX11 (Moderate)
    2021-05-26
    oval:org.opensuse.security:def:26043
    P
    Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:32907
    P
    Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:31162
    P
    Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important)
    2021-04-28
    oval:org.opensuse.security:def:31609
    P
    Security update for sudo (Important)
    2021-04-20
    oval:org.opensuse.security:def:32062
    P
    Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:32064
    P
    Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:32059
    P
    Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:26211
    P
    Security update for glib2 (Important)
    2021-03-16
    oval:org.opensuse.security:def:26206
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:31742
    P
    Security update for git (Important)
    2021-03-09
    oval:org.opensuse.security:def:32269
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:26122
    P
    Security update for python-urllib3 (Moderate)
    2021-02-03
    oval:org.opensuse.security:def:26133
    P
    Security update for java-1_8_0-ibm (Moderate)
    2021-01-05
    oval:org.opensuse.security:def:26069
    P
    Security update for java-1_7_1-ibm (Moderate)
    2021-01-04
    oval:org.opensuse.security:def:25984
    P
    Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:32018
    P
    Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:32007
    P
    Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:31088
    P
    Security update for the Linux Kernel (Live Patch 31 for SLE 12 SP3) (Important)
    2020-12-07
    oval:org.opensuse.security:def:35982
    P
    libxml2-2.7.6-0.23.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:42015
    P
    libxml2-2.7.6-0.1.37 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35608
    P
    libxml2-2.7.6-0.1.37 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35775
    P
    libxml2-2.7.6-0.13.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:31449
    P
    Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25529
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31791
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26573
    P
    kernel-default on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25325
    P
    Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31443
    P
    Security update for policycoreutils (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32363
    P
    Security update for sudo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26556
    P
    gmime on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26790
    P
    ofed on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25171
    P
    Security update for mailman (Important)
    2020-12-01
    oval:org.opensuse.security:def:25817
    P
    Security update for pidgin-otr (Important)
    2020-12-01
    oval:org.opensuse.security:def:26635
    P
    quagga on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31996
    P
    Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26774
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25533
    P
    Security update for ed (Low)
    2020-12-01
    oval:org.opensuse.security:def:26262
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25877
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:27471
    P
    libpixman-1-0-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31535
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:25585
    P
    Security update for webkit2gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26459
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25401
    P
    Security update for freetype2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25935
    P
    Security update for libcares2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31386
    P
    Security update for openvpn-openssl1 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32307
    P
    Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:26264
    P
    Security update for gegl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27507
    P
    libxml2-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31915
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26775
    P
    libxslt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25736
    P
    Security update for mozilla-nspr, mozilla-nss (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26483
    P
    Security update for chromium (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31957
    P
    Security update for gdk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26739
    P
    libapr1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25532
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25838
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:26833
    P
    tgt on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31461
    P
    Security update for postgresql94 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25501
    P
    Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:26410
    P
    Security update for freexl (Important)
    2020-12-01
    oval:org.opensuse.security:def:33194
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25337
    P
    Security update for ucode-intel (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26981
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25781
    P
    Security update for libqt4 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31903
    P
    Security update for fontconfig (Low)
    2020-12-01
    oval:org.opensuse.security:def:27472
    P
    libpng-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31076
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31783
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25751
    P
    Security update for libssh (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26736
    P
    libQtWebKit4-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25608
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26399
    P
    Security update for pdns (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31908
    P
    Security update for freetype2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31552
    P
    Security update for socat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25789
    P
    Security update for flash-player (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26512
    P
    Security update for pdns-recursor (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32573
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31450
    P
    Security update for postgresql10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25444
    P
    Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26357
    P
    Security update for enigmail (Important)
    2020-12-01
    oval:org.opensuse.security:def:26776
    P
    libzip1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33155
    P
    libicu-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25160
    P
    Security update for icu (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26484
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:26946
    P
    libecpg6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25780
    P
    Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31816
    P
    Security update for apport (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26004
    P
    Security update for shotwell (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26834
    P
    tomcat6 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25667
    P
    Security update for u-boot (Important)
    2020-12-01
    oval:org.opensuse.security:def:26687
    P
    e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25544
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26342
    P
    Security update for openjpeg2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31852
    P
    Recommended udpate for SUSE Manager Client Tools (Low)
    2020-12-01
    oval:org.opensuse.security:def:32451
    P
    Security update for xen (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27229
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31460
    P
    Security update for postgresql94 (Important)
    2020-12-01
    oval:org.opensuse.security:def:26250
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32534
    P
    kde4-kgreeter-plugins on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25363
    P
    Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25958
    P
    Security update for libwpd (Important)
    2020-12-01
    oval:org.opensuse.security:def:26737
    P
    libadns1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32517
    P
    g3utils on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25159
    P
    Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:25856
    P
    Security update for gd (Important)
    2020-12-01
    oval:org.opensuse.security:def:26400
    P
    Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:26308
    P
    Security update for python modules (Low)
    2020-12-01
    oval:org.opensuse.security:def:31759
    P
    Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:25955
    P
    Security update for gstreamer-0_10-plugins-bad (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26789
    P
    ntp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32739
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25610
    P
    Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26634
    P
    qt3 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31830
    P
    Security update for bind (Critical)
    2020-12-01
    oval:org.opensuse.security:def:26608
    P
    libxml2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25326
    P
    Security update for libvirt (Important)
    2020-12-01
    oval:org.opensuse.security:def:26261
    P
    Security update for python (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31530
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:32412
    P
    Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27194
    P
    liblzo2-2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31896
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25235
    P
    Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25874
    P
    Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:26688
    P
    ecryptfs-utils-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32473
    P
    Security update for xorg-x11-server (Important)
    2020-12-01
    oval:org.opensuse.security:def:25792
    P
    Security update for libvirt (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26343
    P
    Security update for MozillaThunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:25891
    P
    Security update for libimobiledevice, usbmuxd (Important)
    2020-12-01
    oval:org.opensuse.security:def:27506
    P
    libxml on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31077
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25902
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26498
    P
    Security update for nextcloud (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32700
    P
    libMagickCore1-32bit on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:28958
    P
    RHSA-2009:1206 -- libxml and libxml2 security update (Moderate)
    2015-08-17
    oval:org.mitre.oval:def:13882
    P
    USN-815-1 -- libxml2 vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:13681
    P
    DSA-1859-1 libxml2 -- several
    2014-06-23
    oval:org.mitre.oval:def:8116
    P
    DSA-1861 libxml -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:13712
    P
    DSA-1861-1 libxml -- several
    2014-06-23
    oval:org.mitre.oval:def:8132
    P
    DSA-1859 libxml2 -- several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:22743
    P
    ELSA-2009:1206: libxml and libxml2 security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:7783
    V
    VMware libxml2 use-after-free vulnerability
    2014-01-20
    oval:org.mitre.oval:def:9262
    V
    Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
    2013-04-29
    oval:org.debian:def:1861
    V
    several vulnerabilities
    2009-08-13
    oval:com.redhat.rhsa:def:20091206
    P
    RHSA-2009:1206: libxml and libxml2 security update (Moderate)
    2009-08-10
    oval:org.debian:def:1859
    V
    several vulnerabilities
    2009-08-10
    BACK
    xmlsoft libxml2 2.5.10
    xmlsoft libxml2 2.6.32
    xmlsoft libxml2 2.6.16
    xmlsoft libxml2 2.6.26
    xmlsoft libxml2 2.6.27
    xmlsoft libxml 1.8.17
    gentoo linux *
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    canonical ubuntu 6.06
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 4.0
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    debian debian linux 4.0
    apple safari 3.0.1
    apple safari 3.0.2
    apple safari 3.0.3
    redhat enterprise linux 5
    mandrakesoft mandrake linux 2008.0
    mandrakesoft mandrake linux 2008.1 x86_64
    apple safari 3.0.4_beta
    apple mac os x 10.4.11
    apple mac os x server 10.4.11
    apple safari 3.1
    apple safari 3.0
    apple safari 3.0.4
    apple safari 3.1.1
    mandrakesoft mandrake linux 2008.1
    canonical ubuntu 8.04
    apple safari 3.1.2
    mandriva linux 2009.0
    mandriva linux 2009.0 -
    apple safari 3.2
    apple safari 3.2.1
    debian debian linux 5.0
    apple safari 3.2.2
    apple safari 3.0.0b
    apple safari 3.0.1b
    apple safari 3.0.2b
    apple safari 3.0.3b
    apple safari 3.1.0
    apple safari 3.1.0b
    apple safari 3.2.3
    apple safari 4.0
    apple safari 4.0.1
    mandriva linux 2009.1
    mandriva linux 2009.1
    apple safari 4.0.2
    apple safari 4.0.3
    apple mac os x 10.5.8
    apple mac os x server 10.5.8
    apple mac os x server 10.6
    apple mac os x 10.6
    apple mac os x server 10.6.1
    apple mac os x 10.6.1
    mandriva enterprise server 5
    mandriva enterprise server 5