Количество 11
Количество 11
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
CVE-2025-9714
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
CVE-2025-9714
Uncontrolled recursion inXPath evaluationin libxml2 up to and includin ...
RLSA-2025:22376
Moderate: libxml2 security update
GHSA-fmj5-rvmp-845r
Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled.
ELSA-2025-22376
ELSA-2025-22376: libxml2 security update (MODERATE)
BDU:2026-02937
Уязвимость библиотеки Libxml2, связанная с неконтролируемой рекурсией, позволяющая нарушителю вызвать отказ в обслуживании
SUSE-SU-2025:4115-1
Security update for libxml2
SUSE-SU-2025:4104-1
Security update for libxml2
ROS-20251111-01
Множественные уязвимости libxml2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-9714 Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled. | CVSS3: 6.2 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-9714 Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled. | CVSS3: 6.2 | 0% Низкий | 7 месяцев назад |
 | CVE-2025-9714 Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled. | CVSS3: 6.2 | 0% Низкий | 7 месяцев назад |
| CVE-2025-9714 Uncontrolled recursion inXPath evaluationin libxml2 up to and includin ... | CVSS3: 6.2 | 0% Низкий | 7 месяцев назад |
 | RLSA-2025:22376 Moderate: libxml2 security update | 0% Низкий | 4 месяца назад | |
| GHSA-fmj5-rvmp-845r Uncontrolled recursion in XPath evaluation in libxml2 up to and including version 2.9.14 allows a local attacker to cause a stack overflow via crafted expressions. XPath processing functions `xmlXPathRunEval`, `xmlXPathCtxtCompile`, and `xmlXPathEvalExpr` were resetting recursion depth to zero before making potentially recursive calls. When such functions were called recursively this could allow for uncontrolled recursion and lead to a stack overflow. These functions now preserve recursion depth across recursive calls, allowing recursion depth to be controlled. | CVSS3: 6.2 | 0% Низкий | 7 месяцев назад |
| ELSA-2025-22376 ELSA-2025-22376: libxml2 security update (MODERATE) | 4 месяца назад | ||
 | BDU:2026-02937 Уязвимость библиотеки Libxml2, связанная с неконтролируемой рекурсией, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 6.2 | 0% Низкий | больше 3 лет назад |
 | SUSE-SU-2025:4115-1 Security update for libxml2 | 4 месяца назад | ||
| SUSE-SU-2025:4104-1 Security update for libxml2 | 5 месяцев назад | ||
 | ROS-20251111-01 Множественные уязвимости libxml2 | CVSS3: 5.5 | 5 месяцев назад |
Уязвимостей на страницу