exploitDog

CVE-2025-27113

Опубликовано: 18 фев. 2025

Источник: debian

Описание

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libxml2	fixed	2.12.7+dfsg+really2.9.14-0.4		package

Примечания

https://gitlab.gnome.org/GNOME/libxml2/-/issues/861
https://www.openwall.com/lists/oss-security/2025/02/18/2
Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/6c716d491dd2e67f08066f4dc0619efeb49e43e6
Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/503f788e84f1c1f1d769c2c7258d77faee94b5a3 (v2.12.10)

Связанные уязвимости

CVE-2025-27113

CVSS3: 2.9

ubuntu

4 месяца назад

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

CVE-2025-27113

CVSS3: 3.1

redhat

4 месяца назад

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

CVE-2025-27113

CVSS3: 2.9

nvd

4 месяца назад

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

CVE-2025-27113

CVSS3: 7.5

msrc

4 месяца назад

Описание отсутствует

GHSA-m9m6-wcr9-hh75

CVSS3: 2.9

github

4 месяца назад

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.