RHSA-2026:7519

Vulnerability from csaf_redhat - Published: 2026-04-10 21:28 - Updated: 2026-04-21 22:07
Summary
Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
Severity
Important
Notes
Topic: An update for Red Hat Hardened Images RPMs is now available.
Details: This update includes the following RPMs: libxml2: * libxml2-16-2.15.2-0.3.hum1 (aarch64, x86_64) * libxml2-2.15.2-0.3.hum1 (aarch64, x86_64) * libxml2-devel-2.15.2-0.3.hum1 (aarch64, x86_64) * libxml2-static-2.15.2-0.3.hum1 (aarch64, x86_64) * python3-libxml2-2.15.2-0.3.hum1 (aarch64, x86_64) * libxml2-2.15.2-0.3.hum1.src (src)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
CVE-2025-6021

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-787 - Out-of-bounds Write
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.
CVE-2025-6170

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

2.5 (Low)
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
CWE-121 - Stack-based Buffer Overflow
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly recommended to apply the upstream patch once available.
CVE-2025-9714

A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.

6.2 (Medium)
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-606 - Unchecked Input for Loop Condition
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the 'ulimit' shell built-in or the 'limits.conf' file.
CVE-2025-26434

An out of bounds read flaw has been discovered in libxml2. This flaw could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

5.5 (Medium)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
CVE-2025-32414

A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.

5.6 (Medium)
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
CWE-393 - Return of Wrong Status Code
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
CVE-2025-32415

A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-125 - Out-of-bounds Read
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround Do not process untrusted files with the libxml2 library.
CVE-2025-49794

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE-825 - Expired Pointer Dereference
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround There's no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.
CVE-2025-49795

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-825 - Expired Pointer Dereference
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.
CVE-2025-49796

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

9.1 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CWE-125 - Out-of-bounds Read
Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://images.redhat.com/ https://access.redhat.com/errata/RHSA-2026:7519
Workaround There's no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.
References
https://access.redhat.com/errata/RHSA-2026:7519 self
https://images.redhat.com/ external
https://access.redhat.com/security/cve/CVE-2025-32415 external
https://access.redhat.com/security/updates/classi… external
https://access.redhat.com/security/cve/CVE-2025-32414 external
https://access.redhat.com/security/cve/CVE-2025-6170 external
https://access.redhat.com/security/cve/CVE-2025-6021 external
https://access.redhat.com/security/cve/CVE-2025-49796 external
https://access.redhat.com/security/cve/CVE-2025-49795 external
https://access.redhat.com/security/cve/CVE-2025-49794 external
https://access.redhat.com/security/cve/CVE-2025-9714 external
https://access.redhat.com/security/cve/CVE-2025-26434 external
https://security.access.redhat.com/data/csaf/v2/a… self
https://access.redhat.com/security/cve/CVE-2025-6021 self
https://bugzilla.redhat.com/show_bug.cgi?id=2372406 external
https://www.cve.org/CVERecord?id=CVE-2025-6021 external
https://nvd.nist.gov/vuln/detail/CVE-2025-6021 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 external
https://access.redhat.com/security/cve/CVE-2025-6170 self
https://bugzilla.redhat.com/show_bug.cgi?id=2372952 external
https://www.cve.org/CVERecord?id=CVE-2025-6170 external
https://nvd.nist.gov/vuln/detail/CVE-2025-6170 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/941 external
https://access.redhat.com/security/cve/CVE-2025-9714 self
https://bugzilla.redhat.com/show_bug.cgi?id=2392605 external
https://www.cve.org/CVERecord?id=CVE-2025-9714 external
https://nvd.nist.gov/vuln/detail/CVE-2025-9714 external
https://gitlab.gnome.org/GNOME/libxml2/-/commit/6… external
https://gitlab.gnome.org/GNOME/libxslt/-/issues/148 external
https://access.redhat.com/security/cve/CVE-2025-26434 self
https://bugzilla.redhat.com/show_bug.cgi?id=2393475 external
https://www.cve.org/CVERecord?id=CVE-2025-26434 external
https://nvd.nist.gov/vuln/detail/CVE-2025-26434 external
https://gitlab.gnome.org/GNOME/libxml2/-/commit/5… external
https://security-tracker.debian.org/tracker/CVE-2… external
https://source.android.com/security/bulletin/android-16 external
https://access.redhat.com/security/cve/CVE-2025-32414 self
https://bugzilla.redhat.com/show_bug.cgi?id=2358121 external
https://www.cve.org/CVERecord?id=CVE-2025-32414 external
https://nvd.nist.gov/vuln/detail/CVE-2025-32414 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/889 external
https://access.redhat.com/security/cve/CVE-2025-32415 self
https://bugzilla.redhat.com/show_bug.cgi?id=2360768 external
https://www.cve.org/CVERecord?id=CVE-2025-32415 external
https://nvd.nist.gov/vuln/detail/CVE-2025-32415 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/890 external
https://access.redhat.com/security/cve/CVE-2025-49794 self
https://bugzilla.redhat.com/show_bug.cgi?id=2372373 external
https://www.cve.org/CVERecord?id=CVE-2025-49794 external
https://nvd.nist.gov/vuln/detail/CVE-2025-49794 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/931 external
https://access.redhat.com/security/cve/CVE-2025-49795 self
https://bugzilla.redhat.com/show_bug.cgi?id=2372379 external
https://www.cve.org/CVERecord?id=CVE-2025-49795 external
https://nvd.nist.gov/vuln/detail/CVE-2025-49795 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/932 external
https://access.redhat.com/security/cve/CVE-2025-49796 self
https://bugzilla.redhat.com/show_bug.cgi?id=2372385 external
https://www.cve.org/CVERecord?id=CVE-2025-49796 external
https://nvd.nist.gov/vuln/detail/CVE-2025-49796 external
https://gitlab.gnome.org/GNOME/libxml2/-/issues/933 external
Acknowledgments
Ahmed Lekssays
To clipboard 

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for Red Hat Hardened Images RPMs is now available.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "This update includes the following RPMs:\n\nlibxml2:\n  * libxml2-16-2.15.2-0.3.hum1 (aarch64, x86_64)\n  * libxml2-2.15.2-0.3.hum1 (aarch64, x86_64)\n  * libxml2-devel-2.15.2-0.3.hum1 (aarch64, x86_64)\n  * libxml2-static-2.15.2-0.3.hum1 (aarch64, x86_64)\n  * python3-libxml2-2.15.2-0.3.hum1 (aarch64, x86_64)\n  * libxml2-2.15.2-0.3.hum1.src (src)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:7519",
        "url": "https://access.redhat.com/errata/RHSA-2026:7519"
      },
      {
        "category": "external",
        "summary": "https://images.redhat.com/",
        "url": "https://images.redhat.com/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-32415",
        "url": "https://access.redhat.com/security/cve/CVE-2025-32415"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-32414",
        "url": "https://access.redhat.com/security/cve/CVE-2025-32414"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-6170",
        "url": "https://access.redhat.com/security/cve/CVE-2025-6170"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-6021",
        "url": "https://access.redhat.com/security/cve/CVE-2025-6021"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-49796",
        "url": "https://access.redhat.com/security/cve/CVE-2025-49796"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-49795",
        "url": "https://access.redhat.com/security/cve/CVE-2025-49795"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-49794",
        "url": "https://access.redhat.com/security/cve/CVE-2025-49794"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9714"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-26434",
        "url": "https://access.redhat.com/security/cve/CVE-2025-26434"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7519.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2026-04-21T22:07:22+00:00",
      "generator": {
        "date": "2026-04-21T22:07:22+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.5"
        }
      },
      "id": "RHSA-2026:7519",
      "initial_release_date": "2026-04-10T21:28:45+00:00",
      "revision_history": [
        {
          "date": "2026-04-10T21:28:45+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-04-21T22:04:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-04-21T22:07:22+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Hardened Images",
                "product": {
                  "name": "Red Hat Hardened Images",
                  "product_id": "Red Hat Hardened Images",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:hummingbird:1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Hardened Images"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-main@aarch64",
                "product": {
                  "name": "libxml2-main@aarch64",
                  "product_id": "libxml2-main@aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libxml2-16@2.15.2-0.3.hum1?arch=aarch64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-aarch64-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-main@x86_64",
                "product": {
                  "name": "libxml2-main@x86_64",
                  "product_id": "libxml2-main@x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libxml2-16@2.15.2-0.3.hum1?arch=x86_64\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-x86_64-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "libxml2-main@src",
                "product": {
                  "name": "libxml2-main@src",
                  "product_id": "libxml2-main@src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/libxml2@2.15.2-0.3.hum1?arch=src\u0026distro=hummingbird-20251124\u0026repository_id=public-hummingbird-source-rpms"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-main@aarch64 as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:libxml2-main@aarch64"
        },
        "product_reference": "libxml2-main@aarch64",
        "relates_to_product_reference": "Red Hat Hardened Images"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-main@src as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:libxml2-main@src"
        },
        "product_reference": "libxml2-main@src",
        "relates_to_product_reference": "Red Hat Hardened Images"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "libxml2-main@x86_64 as a component of Red Hat Hardened Images",
          "product_id": "Red Hat Hardened Images:libxml2-main@x86_64"
        },
        "product_reference": "libxml2-main@x86_64",
        "relates_to_product_reference": "Red Hat Hardened Images"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Ahmed Lekssays"
          ]
        }
      ],
      "cve": "CVE-2025-6021",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "discovery_date": "2025-06-12T07:55:45.428000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372406"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service  from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-6021"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372406",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926"
        }
      ],
      "release_date": "2025-06-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Ahmed Lekssays"
          ]
        }
      ],
      "cve": "CVE-2025-6170",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2025-06-16T05:33:22.955000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372952"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security team has rated the severity of this vulnerability as Low, since it affects only the interactive shell mode of the xmllint tool and requires a user to manually run the tool and enter or receive specially crafted input. The exploitation requires local access and a highly specific usage scenario that is uncommon in typical environments. While it can cause a crash, the impact is limited to availability, and exploitation is unlikely in real-world deployments.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-6170"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372952",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-6170",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6170",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6170"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/941"
        }
      ],
      "release_date": "2025-06-16T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly recommended to apply the upstream patch once available.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling"
    },
    {
      "cve": "CVE-2025-9714",
      "cwe": {
        "id": "CWE-606",
        "name": "Unchecked Input for Loop Condition"
      },
      "discovery_date": "2025-09-02T13:03:56.452000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2392605"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9714"
        },
        {
          "category": "external",
          "summary": "RHBZ#2392605",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
          "url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
        }
      ],
      "release_date": "2025-09-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
    },
    {
      "cve": "CVE-2025-26434",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2025-09-05T17:01:34.688576+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2393475"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An out of bounds read flaw has been discovered in libxml2. This flaw could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml2: Libxml2 out of bounds read",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-26434"
        },
        {
          "category": "external",
          "summary": "RHBZ#2393475",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393475"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-26434",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-26434"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-26434",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26434"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5e7874015ef5ed8b2705eb2f7b0960f56f7760ea",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/5e7874015ef5ed8b2705eb2f7b0960f56f7760ea"
        },
        {
          "category": "external",
          "summary": "https://security-tracker.debian.org/tracker/CVE-2025-26434",
          "url": "https://security-tracker.debian.org/tracker/CVE-2025-26434"
        },
        {
          "category": "external",
          "summary": "https://source.android.com/security/bulletin/android-16",
          "url": "https://source.android.com/security/bulletin/android-16"
        }
      ],
      "release_date": "2025-09-05T16:10:02.497000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libxml2: Libxml2 out of bounds read"
    },
    {
      "cve": "CVE-2025-32414",
      "cwe": {
        "id": "CWE-393",
        "name": "Return of Wrong Status Code"
      },
      "discovery_date": "2025-04-08T04:00:51.284113+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2358121"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml2: Out-of-Bounds Read in libxml2",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nThe vulnerability exists in the libxml2 package the bug arises because of a mismatch between characters vs. bytes handling: functions xmlPythonFileRead and xmlPythonFileReadRaw may compute a length incorrectly (mistaking character count for byte count), but for a successful exploitation of this bug requires local access, on top of that the path to exploitation is non trivial, where handling of python binding\u0027s and specific input handling of bytes and characters are required which makes this outside the scope of an attacker and increases the attack complexity, for these reasons this has been marked as moderate by Red Hat.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-32414"
        },
        {
          "category": "external",
          "summary": "RHBZ#2358121",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
        }
      ],
      "release_date": "2025-04-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libxml2: Out-of-Bounds Read in libxml2"
    },
    {
      "cve": "CVE-2025-32415",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-04-17T18:00:46.954384+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2360768"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the libxml2 library. A heap-based underflow can be triggered when a crafted XML document is validated against an XML schema with certain identity constraints or when a crafted XML schema is used, causing a crash to the application linked to the library and resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs to be able to process a specially crafted XML file with the application linked to the libxml2 library. Additionally, the only security impact of this vulnerability is a denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-32415"
        },
        {
          "category": "external",
          "summary": "RHBZ#2360768",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2360768"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-32415",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32415"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/890"
        }
      ],
      "release_date": "2025-04-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "Do not process untrusted files with the libxml2 library.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables"
    },
    {
      "cve": "CVE-2025-49794",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2025-06-11T21:33:43.044000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372373"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49794"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372373",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931"
        }
      ],
      "release_date": "2025-06-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
    },
    {
      "cve": "CVE-2025-49795",
      "cwe": {
        "id": "CWE-825",
        "name": "Expired Pointer Dereference"
      },
      "discovery_date": "2025-06-12T00:31:08.194000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372379"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml: Null pointer dereference leads to Denial of service (DoS)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability marked as Important rather than Moderate due to its triggerability through untrusted input and impact on availability in a widely-used XML processing library like libxml2, which is often embedded in system-level and server-side applications. Although it is \"just\" a NULL pointer dereference\u2014typically classified as a DoS\u2014the context significantly elevates its severity. libxml2 frequently operates in environments that parse external XML content, such as web services, security scanners, and document processors. A crafted XML exploiting malformed XPath in Schematron schemas can reliably crash the application without requiring special privileges or user interaction.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49795"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372379",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49795",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/932",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/932"
        }
      ],
      "release_date": "2025-06-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libxml: Null pointer dereference leads to Denial of service (DoS)"
    },
    {
      "cve": "CVE-2025-49796",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-06-12T00:35:26.470000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2372385"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "libxml: Type confusion leads to Denial of service (DoS)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat Hardened Images:libxml2-main@aarch64",
          "Red Hat Hardened Images:libxml2-main@src",
          "Red Hat Hardened Images:libxml2-main@x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49796"
        },
        {
          "category": "external",
          "summary": "RHBZ#2372385",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
        },
        {
          "category": "external",
          "summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933",
          "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"
        }
      ],
      "release_date": "2025-06-11T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-10T21:28:45+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\nhttps://images.redhat.com/",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7519"
        },
        {
          "category": "workaround",
          "details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
          "product_ids": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat Hardened Images:libxml2-main@aarch64",
            "Red Hat Hardened Images:libxml2-main@src",
            "Red Hat Hardened Images:libxml2-main@x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "libxml: Type confusion leads to Denial of service (DoS)"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.