Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:13203

Опубликовано: 08 сент. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards.

Security Fix(es):

  • libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables (CVE-2025-32415)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
libxml2i68621.el8_10.3libxml2-2.9.7-21.el8_10.3.i686.rpm
libxml2x86_6421.el8_10.3libxml2-2.9.7-21.el8_10.3.x86_64.rpm
python3-libxml2x86_6421.el8_10.3python3-libxml2-2.9.7-21.el8_10.3.x86_64.rpm

Показывать по

Связанные CVE

Исправления

Связанные уязвимости

CVSS3: 2.9
ubuntu
6 месяцев назад

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

CVSS3: 7.5
redhat
6 месяцев назад

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

CVSS3: 2.9
nvd
6 месяцев назад

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

CVSS3: 7.5
msrc
5 месяцев назад

Описание отсутствует

CVSS3: 2.9
debian
6 месяцев назад

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNod ...