Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 510
Alerts This Week
Warning Icon 1 510

SUSE Linux Micro 6.1 libxslt libxml2 Moderate XML Issues 20657-1

suse
Calendar Grey March 18, 2026
Dist Suse Esm H88
Update addresses six security weaknesses in libxslt and libxml2 for SUSE Linux Micro 6.1. Immediate installation recommended.
An update that solves six vulnerabilities and has eight fixes can now be installed.

Summary

## This update for libxslt, libxml2 fixes the following issues: libxml2: * CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) * CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `<nextCatalog>` elements (bsc#1256808, bsc#1256809, bsc#1256812) * CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) * CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) * CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553)

References

* bsc#1247850

* bsc#1247858

* bsc#1250553

* bsc#1256804

* bsc#1256805

* bsc#1256807

* bsc#1256808

* bsc#1256809

* bsc#1256810

* bsc#1256811

* bsc#1256812

* bsc#1257593

* bsc#1257594

* bsc#1257595

Cross-

* CVE-2025-10911

* CVE-2025-8732

* CVE-2026-0989

* CVE-2026-0990

* CVE-2026-0992

* CVE-2026-1757

CVSS scores:

* CVE-2025-10911 ( SUSE ): 6.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-10911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2025-10911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

* CVE-2025-8732 ( SUSE ): 4.8

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

* CVE-2025-8732 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

* CVE-2025-8732 ( NVD ): 1.9

Announcement ID: SUSE-SU-2026:20657-1
Release Date: 2026-03-06T11:35:58Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.