CyberSec.Space Logo
返回 CVE 浏览器

CVE-2025-49796

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.1890%
EPSS Percentile23.40th
Published2025年6月16日
Last Modified2026年6月2日

Vulnerability Description

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://access.redhat.com/errata/RHSA-2025:10630
🔗 https://access.redhat.com/errata/RHSA-2025:10698
🔗 https://access.redhat.com/errata/RHSA-2025:10699
🔗 https://access.redhat.com/errata/RHSA-2025:11580
🔗 https://access.redhat.com/errata/RHSA-2025:12098
🔗 https://access.redhat.com/errata/RHSA-2025:12099
🔗 https://access.redhat.com/errata/RHSA-2025:12199
🔗 https://access.redhat.com/errata/RHSA-2025:12237

相关漏洞威胁

CVE-2025-428510.0

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolantis Information Technol...

CVE-2025-437810.0

Cleartext Transmission of Sensitive Information, Use of Hard-coded Credentials vulnerability in Ataturk University ATA-AOF Mobile ...

CVE-2025-524310.0

Unrestricted Upload of File with Dangerous Type, Improper Neutralization of Special Elements used in an OS Command ('OS Command In...

CVE-2025-958810.0

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Iron Mountain Archivin...