python-libxml2 (SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5 package python-libxml2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (18)
CVE-2025-49794 — CVSS 9.1 (critical): A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML…
CVE-2025-49796 — CVSS 9.1 (critical): A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue…
CVE-2024-56171 — CVSS 7.8 (high): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in…
CVE-2025-7425 — CVSS 7.8 (high): A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When…
CVE-2025-24928 — CVSS 7.8 (high): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD…
CVE-2025-6021 — CVSS 7.5 (high): A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer…
CVE-2025-9714 — CVSS 6.2 (medium): Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow…
CVE-2026-1757 — CVSS 6.2 (medium): A flaw was identified in the interactive shell of the xmllint utility, part of the libxml2 project, where memory allocated for user input…
CVE-2026-0990 — CVSS 5.9 (medium): A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI…
CVE-2025-32414 — CVSS 5.6 (medium): In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an…
CVE-2025-10911 — CVSS 5.5 (medium): A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and…
CVE-2026-0989 — CVSS 3.7 (low): A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a…
CVE-2025-8732 — CVSS 3.3 (low): A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function…
CVE-2025-32415 — CVSS 2.9 (low): In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To…
CVE-2026-0992 — CVSS 2.9 (low): A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that…
CVE-2025-27113 — CVSS 2.9 (low): libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.
CVE-2025-6170 — CVSS 2.5 (low): A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long…