Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-49795

Опубликовано: 16 июн. 2025
Источник: debian

Описание

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libxml2not-affectedpackage

Примечания

  • https://gitlab.gnome.org/GNOME/libxml2/-/issues/932

  • Introduced by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/2cc93f77543b5721257f795f303bfb56a4b384c7 (v2.10.0)

  • Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/499bcb78ab389f60c2fd634ce410d4bb85c18765 (master)

  • Follow up: https://gitlab.gnome.org/GNOME/libxml2/-/commit/24d7e15914588cb45e7fb41cbe4fcf785e1a4861 (master)

  • Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/c24909ba2601848825b49a60f988222da3019667 (2.14)

Связанные уязвимости

ubuntu логотип

CVE-2025-49795

CVSS3: 7.5
ubuntu
6 месяцев назад

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

redhat логотип

CVE-2025-49795

CVSS3: 7.5
redhat
6 месяцев назад

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

nvd логотип

CVE-2025-49795

CVSS3: 7.5
nvd
6 месяцев назад

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

msrc логотип

CVE-2025-49795

CVSS3: 7.5
msrc
3 месяца назад

Libxml: null pointer dereference leads to denial of service (dos)

github логотип

GHSA-gg7j-w83p-fxr9

CVSS3: 7.5
github
6 месяцев назад

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.