Out-of-bounds Read in bitwiseworks:libxml2-os2
CVE-2025-49796
- bitwiseworks:libxml2-os2
- gerph:libxml2
- jupitex:node-libxml
- libxml2
- libxml
- libxmljs
- libxml2-nodejs
- libxml2-python3
- OpenCMISS-Dependencies:libxml2
Summary
A vulnerability was found in libxml2. Processing certain "sch:name" elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that causes libxml to crash, resulting in a Denial of Service (DoS), or leads to other undefined behavior due to sensitive data being corrupted in memory. The issue affects libxml and libxml2 versions v2.7.3 and later, LIBXML2_2_6_21 and later, and LIBXML2.6.31 and later. This CVE shares the same fix as CVE-2025-49794.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- NONE
- HIGH
CWE-125 - Out-of-Bounds Read
Out-of-bounds read is a vulnerability that allows access to memory beyond the authorized accessible location. Such a vulnerability compromises the confidentiality of the trusted environment in the application and enables an attacker to launch further attacks by leveraging the exposed information.