Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. https://gitlab.gnome.org/GNOME/libxml2/-/issues/535
Created libxml2 tracking bugs for this issue: Affects: fedora-all [bug 2236390] Created mingw-libxml2 tracking bugs for this issue: Affects: epel-all [bug 2236391] Affects: fedora-all [bug 2236392]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.8 Extended Update Support Via RHSA-2023:7544 https://access.redhat.com/errata/RHSA-2023:7544
This issue has been addressed in the following products: Red Hat JBoss Core Services Via RHSA-2023:7626 https://access.redhat.com/errata/RHSA-2023:7626
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2023:7747 https://access.redhat.com/errata/RHSA-2023:7747
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2024:0119 https://access.redhat.com/errata/RHSA-2024:0119
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2024:0413 https://access.redhat.com/errata/RHSA-2024:0413
This issue has been addressed in the following products: Red Hat JBoss Core Services Via RHSA-2024:1317 https://access.redhat.com/errata/RHSA-2024:1317