icon

We found results for “

CVE-2025-49794

Good to know:

icon

Date: June 16, 2025

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

Severity Score

Severity Score

Weakness Type (CWE)

Expired Pointer Dereference

CWE-825

Top Fix

icon

Upgrade Version

Upgrade to version https://gitlab.gnome.org/GNOME/libxml2.git - no_fix

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us