Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-49796 (GCVE-0-2025-49796)
Vulnerability from cvelistv5
Published
2025-06-16 15:14
Modified
2025-08-07 08:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Red Hat | Red Hat Enterprise Linux 10 |
Unaffected: 0:2.12.5-7.el10_0 < * cpe:/o:redhat:enterprise_linux:10.0 |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49796",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-16T15:32:55.790163Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-16T15:33:08.296Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.0"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.12.5-7.el10_0",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.1-6.el7_9.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-21.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream",
"cpe:/o:redhat:enterprise_linux:8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-21.el8_10.1",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.2::baseos",
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-9.el8_2.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.4::baseos",
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-9.el8_4.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_aus:8.4::baseos",
"cpe:/a:redhat:rhel_aus:8.4::appstream",
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-9.el8_4.6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-13.el8_6.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-13.el8_6.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream",
"cpe:/a:redhat:rhel_tus:8.6::appstream",
"cpe:/o:redhat:rhel_tus:8.6::baseos",
"cpe:/o:redhat:rhel_e4s:8.6::baseos",
"cpe:/a:redhat:rhel_e4s:8.6::appstream",
"cpe:/o:redhat:rhel_aus:8.6::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-13.el8_6.10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos",
"cpe:/a:redhat:rhel_tus:8.8::appstream",
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-16.el8_8.9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:8.8::baseos",
"cpe:/a:redhat:rhel_tus:8.8::appstream",
"cpe:/a:redhat:rhel_e4s:8.8::appstream",
"cpe:/o:redhat:rhel_tus:8.8::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.7-16.el8_8.9",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-10.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-10.el9_6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_e4s:9.0::baseos",
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-1.el9_0.5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream",
"cpe:/o:redhat:rhel_e4s:9.2::baseos"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-3.el9_2.7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:rhel_eus:9.4::baseos",
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:2.9.13-10.el9_4",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:discovery:2::el9"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
"product": "Red Hat Discovery 2",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:insights_proxy:1.5::el9"
],
"defaultStatus": "affected",
"packageName": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9",
"product": "Red Hat Insights proxy 1.5",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "libxml2",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
"cpes": [
"cpe:/a:redhat:jboss_core_services:1"
],
"defaultStatus": "affected",
"packageName": "libxml2",
"product": "Red Hat JBoss Core Services",
"vendor": "Red Hat"
}
],
"datePublic": "2025-06-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-07T08:59:08.709Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2025:10630",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"name": "RHSA-2025:10698",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"name": "RHSA-2025:10699",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"name": "RHSA-2025:11580",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"name": "RHSA-2025:12098",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"name": "RHSA-2025:12099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"name": "RHSA-2025:12199",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"name": "RHSA-2025:12237",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"name": "RHSA-2025:12239",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"name": "RHSA-2025:12240",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"name": "RHSA-2025:12241",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"name": "RHSA-2025:13267",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"name": "RHSA-2025:13335",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"name": "RHBZ#2372385",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-06-12T00:35:26.470000+00:00",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2025-06-11T00:00:00+00:00",
"value": "Made public."
}
],
"title": "Libxml: type confusion leads to denial of service (dos)",
"workarounds": [
{
"lang": "en",
"value": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix."
}
],
"x_redhatCweChain": "CWE-125: Out-of-bounds Read"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2025-49796",
"datePublished": "2025-06-16T15:14:28.251Z",
"dateReserved": "2025-06-10T22:17:05.287Z",
"dateUpdated": "2025-08-07T08:59:08.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-49796\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2025-06-16T16:15:19.370\",\"lastModified\":\"2025-08-07T09:15:27.990\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad en libxml2. El procesamiento de ciertos elementos sch:name del archivo XML de entrada puede provocar un problema de corrupci\u00f3n de memoria. Esta falla permite a un atacante manipular un archivo XML de entrada malicioso que puede provocar el bloqueo de libxml, lo que resulta en una denegaci\u00f3n de servicio u otro posible comportamiento indefinido debido a la corrupci\u00f3n de datos confidenciales en la memoria.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10630\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10698\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:10699\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:11580\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12098\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12099\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12199\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12237\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12239\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12240\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:12241\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:13267\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2025:13335\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-49796\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2372385\",\"source\":\"secalert@redhat.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-49796\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-16T15:32:55.790163Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-16T15:32:58.396Z\"}}], \"cna\": {\"title\": \"Libxml: type confusion leads to denial of service (dos)\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.12.5-7.el10_0\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7 Extended Lifecycle Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.1-6.el7_9.10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\", \"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-21.el8_10.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\", \"cpe:/o:redhat:enterprise_linux:8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-21.el8_10.1\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.2::baseos\", \"cpe:/a:redhat:rhel_aus:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.2 Advanced Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-9.el8_2.3\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.4::baseos\", \"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\", \"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-9.el8_4.6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_aus:8.4::baseos\", \"cpe:/a:redhat:rhel_aus:8.4::appstream\", \"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\", \"cpe:/o:redhat:rhel_eus_long_life:8.4::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-9.el8_4.6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-13.el8_6.10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-13.el8_6.10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\", \"cpe:/a:redhat:rhel_tus:8.6::appstream\", \"cpe:/o:redhat:rhel_tus:8.6::baseos\", \"cpe:/o:redhat:rhel_e4s:8.6::baseos\", \"cpe:/a:redhat:rhel_e4s:8.6::appstream\", \"cpe:/o:redhat:rhel_aus:8.6::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-13.el8_6.10\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\", \"cpe:/a:redhat:rhel_tus:8.8::appstream\", \"cpe:/a:redhat:rhel_e4s:8.8::appstream\", \"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Telecommunications Update Service\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-16.el8_8.9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:8.8::baseos\", \"cpe:/a:redhat:rhel_tus:8.8::appstream\", \"cpe:/a:redhat:rhel_e4s:8.8::appstream\", \"cpe:/o:redhat:rhel_tus:8.8::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.7-16.el8_8.9\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.13-10.el9_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9::baseos\", \"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.13-10.el9_6\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_e4s:9.0::baseos\", \"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.13-1.el9_0.5\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\", \"cpe:/o:redhat:rhel_e4s:9.2::baseos\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.13-3.el9_2.7\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_eus:9.4::baseos\", \"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9.4 Extended Update Support\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"0:2.9.13-10.el9_4\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:discovery:2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Discovery 2\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/discovery/discovery-server-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:insights_proxy:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Insights proxy 1.5\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d\", \"lessThan\": \"*\", \"versionType\": \"rpm\"}], \"packageName\": \"registry.redhat.io/insights-proxy/insights-proxy-container-rhel9\", \"collectionURL\": \"https://catalog.redhat.com/software/containers/\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 6\", \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/downloads/content/package-browser/\", \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_core_services:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Core Services\", \"packageName\": \"libxml2\", \"collectionURL\": \"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html\", \"defaultStatus\": \"affected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-06-12T00:35:26.470000+00:00\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2025-06-11T00:00:00+00:00\", \"value\": \"Made public.\"}], \"datePublic\": \"2025-06-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2025:10630\", \"name\": \"RHSA-2025:10630\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10698\", \"name\": \"RHSA-2025:10698\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:10699\", \"name\": \"RHSA-2025:10699\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:11580\", \"name\": \"RHSA-2025:11580\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12098\", \"name\": \"RHSA-2025:12098\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12099\", \"name\": \"RHSA-2025:12099\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12199\", \"name\": \"RHSA-2025:12199\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12237\", \"name\": \"RHSA-2025:12237\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12239\", \"name\": \"RHSA-2025:12239\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12240\", \"name\": \"RHSA-2025:12240\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:12241\", \"name\": \"RHSA-2025:12241\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:13267\", \"name\": \"RHSA-2025:13267\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2025:13335\", \"name\": \"RHSA-2025:13335\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/security/cve/CVE-2025-49796\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2372385\", \"name\": \"RHBZ#2372385\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2025-08-07T08:59:08.709Z\"}, \"x_redhatCweChain\": \"CWE-125: Out-of-bounds Read\"}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-49796\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-07T08:59:08.709Z\", \"dateReserved\": \"2025-06-10T22:17:05.287Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2025-06-16T15:14:28.251Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
rhsa-2025:12241
Vulnerability from csaf_redhat
Published
2025-07-30 07:10
Modified
2025-08-14 15:30
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12241",
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12241.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T15:30:17+00:00",
"generator": {
"date": "2025-08-14T15:30:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12241",
"initial_release_date": "2025-07-30T07:10:57+00:00",
"revision_history": [
{
"date": "2025-07-30T07:10:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-30T07:10:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T15:30:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.4::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.6.i686",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.6.i686",
"product_id": "libxml2-0:2.9.7-9.el8_4.6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"product_id": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_4.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_4.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_4.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_4.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"product_id": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"product_id": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-9.el8_4.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_4.6.src",
"product": {
"name": "libxml2-0:2.9.7-9.el8_4.6.src",
"product_id": "libxml2-0:2.9.7-9.el8_4.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_4.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.src as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.src as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:10:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-393: Return of Wrong Status Code vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational needs, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect and respond to threats in real time, helping prevent or limit exploitation attempts. Robust input validation and error handling ensure all user inputs are thoroughly validated, supporting consistent and secure system responses.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:10:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:10:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:10:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"AppStream-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.AUS:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-debugsource-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:libxml2-devel-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-0:2.9.7-9.el8_4.6.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:python3-libxml2-debuginfo-0:2.9.7-9.el8_4.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:13335
Vulnerability from csaf_redhat
Published
2025-08-07 07:50
Modified
2025-08-14 09:09
Summary
Red Hat Security Advisory: Insights proxy Container Image
Notes
Topic
Initial GA Release of Red Hat Insights proxy
Details
The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights.
The Insights proxy routes all Red Hat Insights traffic through itself, providing a layer of privary and security for disconnected customer systems.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Initial GA Release of Red Hat Insights proxy",
"title": "Topic"
},
{
"category": "general",
"text": "The Insights proxy Container is used by the Insights proxy product RPM and serves as an intermediary between cystomer systems in disconnected networks, air-gapped systems or systems with no outside connections and Insights.\nThe Insights proxy routes all Red Hat Insights traffic through itself, providing a layer of privary and security for disconnected customer systems.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13335",
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-52533",
"url": "https://access.redhat.com/security/cve/CVE-2024-52533"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4373",
"url": "https://access.redhat.com/security/cve/CVE-2025-4373"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49794",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49796",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6021",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-7425",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8058",
"url": "https://access.redhat.com/security/cve/CVE-2025-8058"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13335.json"
}
],
"title": "Red Hat Security Advisory: Insights proxy Container Image",
"tracking": {
"current_release_date": "2025-08-14T09:09:40+00:00",
"generator": {
"date": "2025-08-14T09:09:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:13335",
"initial_release_date": "2025-08-07T07:50:20+00:00",
"revision_history": [
{
"date": "2025-08-07T07:50:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-07T07:50:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:09:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Insights proxy 1.5",
"product": {
"name": "Red Hat Insights proxy 1.5",
"product_id": "Red Hat Insights proxy 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:insights_proxy:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Insights proxy"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"product": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"product_id": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/insights-proxy-container-rhel9@sha256%3Ac26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7?arch=amd64\u0026repository_url=registry.redhat.io/insights-proxy\u0026tag=1.5.5-1754504343"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64",
"product": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64",
"product_id": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/insights-proxy-container-rhel9@sha256%3Ae54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d?arch=arm64\u0026repository_url=registry.redhat.io/insights-proxy\u0026tag=1.5.5-1754504343"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64 as a component of Red Hat Insights proxy 1.5",
"product_id": "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64"
},
"product_reference": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"relates_to_product_reference": "Red Hat Insights proxy 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64 as a component of Red Hat Insights proxy 1.5",
"product_id": "Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
},
"product_reference": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64",
"relates_to_product_reference": "Red Hat Insights proxy 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-52533",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"discovery_date": "2024-11-11T23:00:48.125765+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2325340"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Glib library. A buffer overflow condition can be triggered in certain conditions due to an off-by-one error in SOCKS4_CONN_MSG_LEN. This issue may lead to an application crash or other undefined behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: buffer overflow in set_connect_msg()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52533"
},
{
"category": "external",
"summary": "RHBZ#2325340",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325340"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52533"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3461",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3461"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1",
"url": "https://gitlab.gnome.org/GNOME/glib/-/releases/2.82.1"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home",
"url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home"
}
],
"release_date": "2024-11-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: buffer overflow in set_connect_msg()"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"discovery_date": "2025-05-06T00:33:30.003000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2364265"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-124: Buffer Underwrite (\u0027Buffer Underflow\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nSecure baseline configurations enforce strict memory handling policies, while change controls ensure any deviations are reviewed and approved. Least functionality reduces the attack surface by disabling unnecessary features that could introduce memory risks. Process isolation contains faults within individual workloads, minimizing broader impact. Real-time monitoring and malicious code protection detect and respond to abnormal memory behavior or exploitation attempts. Hardened configuration settings restrict low-level memory access, lowering the likelihood of unsafe operations. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against buffer underwrite exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4373"
},
{
"category": "external",
"summary": "RHBZ#2364265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364265"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4373",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4373"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/glib/-/issues/3677",
"url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3677"
}
],
"release_date": "2025-05-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "Currently, no mitigation is available for this vulnerability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar"
},
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Sergei Glazunov"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-10T09:37:28.172000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This heap-use-after-free vulnerability in libxslt is rated Important because it can lead to memory corruption and application crashes. The flaw arises when internal attribute metadata (atype) is modified by libxslt\u0027s xsltSetSourceNodeFlags() function during processing of result tree fragments. If the flag corruption prevents proper removal of ID references, later memory cleanup routines may operate on already-freed memory. Since libxslt is commonly used in server-side XML processing, this could result in denial-of-service or potentially facilitate code execution under certain memory reuse conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "RHBZ#2379274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"
}
],
"release_date": "2025-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr"
},
{
"cve": "CVE-2025-8058",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"discovery_date": "2025-07-23T20:00:41.541234+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383146"
}
],
"notes": [
{
"category": "description",
"text": "A double-free vulnerability has been discovered in glibc (GNU C Library). This flaw occurs during bracket expression parsing within the regcomp function, specifically when a memory allocation failure takes place. Exploitation of a double-free vulnerability can lead to memory corruption, which could enable an attacker to achieve arbitrary code execution or a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glibc: Double free in glibc",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8058"
},
{
"category": "external",
"summary": "RHBZ#2383146",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383146"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8058",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8058"
},
{
"category": "external",
"summary": "https://sourceware.org/bugzilla/show_bug.cgi?id=33185",
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=33185"
},
{
"category": "external",
"summary": "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f",
"url": "https://sourceware.org/git/?p=glibc.git;a=commit;h=3ff17af18c38727b88d9115e536c069e6b5d601f"
}
],
"release_date": "2025-07-23T19:57:17.138000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "glibc: Double free in glibc"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-07T07:50:20+00:00",
"details": "The Insights proxy container image provided here is downloaded by the Red Hat Insights proxy product RPM.\nBefore applying this update, make sure all previously released errata relevant to your system have been applied.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7_amd64",
"Red Hat Insights proxy 1.5:registry.redhat.io/insights-proxy/insights-proxy-container-rhel9@sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:12240
Vulnerability from csaf_redhat
Published
2025-07-30 07:16
Modified
2025-08-14 15:30
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12240",
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12240.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T15:30:40+00:00",
"generator": {
"date": "2025-08-14T15:30:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12240",
"initial_release_date": "2025-07-30T07:16:46+00:00",
"revision_history": [
{
"date": "2025-07-30T07:16:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-30T07:16:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T15:30:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.src",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.src",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"product": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"product_id": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7_9.10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.s390",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.s390",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=s390"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.s390x",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.s390x",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"product": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"product_id": "libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7_9.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.x86_64",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.x86_64",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"product": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"product_id": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7_9.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.i686",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.i686",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.i686",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.i686",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"product": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"product_id": "libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.1-6.el7_9.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"product_id": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7_9.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"product": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"product_id": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7_9.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7_9.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"product": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"product_id": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7_9.10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.src",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.src",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.i686",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.s390",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
},
"product_reference": "libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:16:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-393: Return of Wrong Status Code vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational needs, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect and respond to threats in real time, helping prevent or limit exploitation attempts. Robust input validation and error handling ensure all user inputs are thoroughly validated, supporting consistent and secure system responses.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:16:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:16:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:16:46+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.src",
"7Server-optional-ELS:libxml2-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-debuginfo-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-devel-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-python-0:2.9.1-6.el7_9.10.x86_64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.i686",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.ppc64le",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.s390x",
"7Server-optional-ELS:libxml2-static-0:2.9.1-6.el7_9.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:12199
Vulnerability from csaf_redhat
Published
2025-07-29 16:02
Modified
2025-08-14 09:08
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12199",
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12199.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T09:08:22+00:00",
"generator": {
"date": "2025-08-14T09:08:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12199",
"initial_release_date": "2025-07-29T16:02:55+00:00",
"revision_history": [
{
"date": "2025-07-29T16:02:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-29T16:02:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:08:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-3.el9_2.7.src",
"product": {
"name": "libxml2-0:2.9.13-3.el9_2.7.src",
"product_id": "libxml2-0:2.9.13-3.el9_2.7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-3.el9_2.7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-3.el9_2.7.aarch64",
"product": {
"name": "libxml2-0:2.9.13-3.el9_2.7.aarch64",
"product_id": "libxml2-0:2.9.13-3.el9_2.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-3.el9_2.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"product_id": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-3.el9_2.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"product_id": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-3.el9_2.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-3.el9_2.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-3.el9_2.7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"product_id": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-3.el9_2.7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"product": {
"name": "libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"product_id": "libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-3.el9_2.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"product_id": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-3.el9_2.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-3.el9_2.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-3.el9_2.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-3.el9_2.7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"product_id": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-3.el9_2.7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-3.el9_2.7.i686",
"product": {
"name": "libxml2-0:2.9.13-3.el9_2.7.i686",
"product_id": "libxml2-0:2.9.13-3.el9_2.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-3.el9_2.7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"product_id": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-3.el9_2.7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"product_id": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-3.el9_2.7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-3.el9_2.7?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"product": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"product_id": "libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-3.el9_2.7?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-3.el9_2.7.x86_64",
"product": {
"name": "libxml2-0:2.9.13-3.el9_2.7.x86_64",
"product_id": "libxml2-0:2.9.13-3.el9_2.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-3.el9_2.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"product_id": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-3.el9_2.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"product_id": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-3.el9_2.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-3.el9_2.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-3.el9_2.7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"product_id": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-3.el9_2.7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-3.el9_2.7.s390x",
"product": {
"name": "libxml2-0:2.9.13-3.el9_2.7.s390x",
"product_id": "libxml2-0:2.9.13-3.el9_2.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-3.el9_2.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"product": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"product_id": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-3.el9_2.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"product_id": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-3.el9_2.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"product_id": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-3.el9_2.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-3.el9_2.7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"product": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"product_id": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-3.el9_2.7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T16:02:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T16:02:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T16:02:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"AppStream-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"AppStream-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.src",
"BaseOS-9.2.0.Z.E4S:libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-debugsource-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:libxml2-devel-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-0:2.9.13-3.el9_2.7.x86_64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.aarch64",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.i686",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.ppc64le",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.s390x",
"BaseOS-9.2.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-3.el9_2.7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:10699
Vulnerability from csaf_redhat
Published
2025-07-09 12:18
Modified
2025-08-14 09:08
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10699",
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10699.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T09:08:32+00:00",
"generator": {
"date": "2025-08-14T09:08:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:10699",
"initial_release_date": "2025-07-09T12:18:48+00:00",
"revision_history": [
{
"date": "2025-07-09T12:18:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T12:18:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:08:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"product_id": "libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_6.aarch64",
"product": {
"name": "libxml2-0:2.9.13-10.el9_6.aarch64",
"product_id": "libxml2-0:2.9.13-10.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"product_id": "python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"product_id": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_6.ppc64le",
"product": {
"name": "libxml2-0:2.9.13-10.el9_6.ppc64le",
"product_id": "libxml2-0:2.9.13-10.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"product_id": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_6.i686",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.i686",
"product_id": "libxml2-devel-0:2.9.13-10.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_6.i686",
"product": {
"name": "libxml2-0:2.9.13-10.el9_6.i686",
"product_id": "libxml2-0:2.9.13-10.el9_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"product_id": "libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_6.x86_64",
"product": {
"name": "libxml2-0:2.9.13-10.el9_6.x86_64",
"product_id": "libxml2-0:2.9.13-10.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"product_id": "python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_6.s390x",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.s390x",
"product_id": "libxml2-devel-0:2.9.13-10.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_6.s390x",
"product": {
"name": "libxml2-0:2.9.13-10.el9_6.s390x",
"product_id": "libxml2-0:2.9.13-10.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_6.s390x",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.s390x",
"product_id": "python3-libxml2-0:2.9.13-10.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_6.src",
"product": {
"name": "libxml2-0:2.9.13-10.el9_6.src",
"product_id": "libxml2-0:2.9.13-10.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T12:18:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T12:18:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T12:18:48+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"AppStream-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.src",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:libxml2-devel-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-0:2.9.13-10.el9_6.x86_64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.aarch64",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.i686",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.ppc64le",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.s390x",
"BaseOS-9.6.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:10630
Vulnerability from csaf_redhat
Published
2025-07-08 21:17
Modified
2025-08-14 09:08
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Null pointer dereference leads to Denial of service (DoS) (CVE-2025-49795)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10630",
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10630.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T09:08:00+00:00",
"generator": {
"date": "2025-08-14T09:08:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:10630",
"initial_release_date": "2025-07-08T21:17:21+00:00",
"revision_history": [
{
"date": "2025-07-08T21:17:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-08T21:17:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:08:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.12.5-7.el10_0.src",
"product": {
"name": "libxml2-0:2.12.5-7.el10_0.src",
"product_id": "libxml2-0:2.12.5-7.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.12.5-7.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "libxml2-0:2.12.5-7.el10_0.aarch64",
"product_id": "libxml2-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.12.5-7.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"product_id": "python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.12.5-7.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"product_id": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.12.5-7.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"product_id": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.12.5-7.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.12.5-7.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"product_id": "libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.12.5-7.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.12.5-7.el10_0.aarch64",
"product": {
"name": "libxml2-static-0:2.12.5-7.el10_0.aarch64",
"product_id": "libxml2-static-0:2.12.5-7.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.12.5-7.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "libxml2-0:2.12.5-7.el10_0.ppc64le",
"product_id": "libxml2-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.12.5-7.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"product_id": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.12.5-7.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"product_id": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.12.5-7.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"product_id": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.12.5-7.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.12.5-7.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"product_id": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.12.5-7.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"product": {
"name": "libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"product_id": "libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.12.5-7.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "libxml2-0:2.12.5-7.el10_0.x86_64",
"product_id": "libxml2-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.12.5-7.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"product_id": "python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.12.5-7.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"product_id": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.12.5-7.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"product_id": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.12.5-7.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.12.5-7.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"product_id": "libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.12.5-7.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.12.5-7.el10_0.x86_64",
"product": {
"name": "libxml2-static-0:2.12.5-7.el10_0.x86_64",
"product_id": "libxml2-static-0:2.12.5-7.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.12.5-7.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "libxml2-0:2.12.5-7.el10_0.s390x",
"product_id": "libxml2-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.12.5-7.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.s390x",
"product_id": "python3-libxml2-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.12.5-7.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"product_id": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.12.5-7.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"product_id": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.12.5-7.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.12.5-7.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.s390x",
"product_id": "libxml2-devel-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.12.5-7.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-static-0:2.12.5-7.el10_0.s390x",
"product": {
"name": "libxml2-static-0:2.12.5-7.el10_0.s390x",
"product_id": "libxml2-static-0:2.12.5-7.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-static@2.12.5-7.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.src",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.src as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.src",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-static-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "libxml2-static-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"relates_to_product_reference": "CRB-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64 as a component of Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"product_id": "CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"relates_to_product_reference": "CRB-10.0.Z"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-08T21:17:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-08T21:17:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49795",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-12T00:31:08.194000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372379"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Null pointer dereference leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important rather than Moderate due to its triggerability through untrusted input and impact on availability in a widely-used XML processing library like libxml2, which is often embedded in system-level and server-side applications. Although it is \"just\" a NULL pointer dereference\u2014typically classified as a DoS\u2014the context significantly elevates its severity. libxml2 frequently operates in environments that parse external XML content, such as web services, security scanners, and document processors. A crafted XML exploiting malformed XPath in Schematron schemas can reliably crash the application without requiring special privileges or user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "RHBZ#2372379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-08T21:17:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"category": "workaround",
"details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Null pointer dereference leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-08T21:17:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"AppStream-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"AppStream-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"BaseOS-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"BaseOS-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.src",
"CRB-10.0.Z:libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-debugsource-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-devel-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:libxml2-static-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-0:2.12.5-7.el10_0.x86_64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.aarch64",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.ppc64le",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.s390x",
"CRB-10.0.Z:python3-libxml2-debuginfo-0:2.12.5-7.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:10698
Vulnerability from csaf_redhat
Published
2025-07-09 12:04
Modified
2025-08-14 09:08
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:10698",
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "RHEL-74345",
"url": "https://issues.redhat.com/browse/RHEL-74345"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_10698.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T09:08:10+00:00",
"generator": {
"date": "2025-08-14T09:08:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:10698",
"initial_release_date": "2025-07-09T12:04:08+00:00",
"revision_history": [
{
"date": "2025-07-09T12:04:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-09T12:04:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:08:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"product_id": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-21.el8_10.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"product_id": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-21.el8_10.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-21.el8_10.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-21.el8_10.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-21.el8_10.1.aarch64",
"product": {
"name": "libxml2-0:2.9.7-21.el8_10.1.aarch64",
"product_id": "libxml2-0:2.9.7-21.el8_10.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"product_id": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-21.el8_10.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"product_id": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-21.el8_10.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-21.el8_10.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-21.el8_10.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-21.el8_10.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"product": {
"name": "libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"product_id": "libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"product_id": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-21.el8_10.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"product_id": "libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-21.el8_10.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"product_id": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-21.el8_10.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-21.el8_10.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-21.el8_10.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-21.el8_10.1.i686",
"product": {
"name": "libxml2-0:2.9.7-21.el8_10.1.i686",
"product_id": "libxml2-0:2.9.7-21.el8_10.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"product_id": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-21.el8_10.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-21.el8_10.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-21.el8_10.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-21.el8_10.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-21.el8_10.1.x86_64",
"product": {
"name": "libxml2-0:2.9.7-21.el8_10.1.x86_64",
"product_id": "libxml2-0:2.9.7-21.el8_10.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"product_id": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-21.el8_10.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"product": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"product_id": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-21.el8_10.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"product_id": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-21.el8_10.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"product_id": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-21.el8_10.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-21.el8_10.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-21.el8_10.1.s390x",
"product": {
"name": "libxml2-0:2.9.7-21.el8_10.1.s390x",
"product_id": "libxml2-0:2.9.7-21.el8_10.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"product": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"product_id": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-21.el8_10.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-21.el8_10.1.src",
"product": {
"name": "libxml2-0:2.9.7-21.el8_10.1.src",
"product_id": "libxml2-0:2.9.7-21.el8_10.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-21.el8_10.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.src",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T12:04:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T12:04:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-09T12:04:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"AppStream-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.src",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-debugsource-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:libxml2-devel-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-0:2.9.7-21.el8_10.1.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:python3-libxml2-debuginfo-0:2.9.7-21.el8_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:12098
Vulnerability from csaf_redhat
Published
2025-07-29 13:52
Modified
2025-08-14 15:30
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12098",
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12098.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T15:30:06+00:00",
"generator": {
"date": "2025-08-14T15:30:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12098",
"initial_release_date": "2025-07-29T13:52:26+00:00",
"revision_history": [
{
"date": "2025-07-29T13:52:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-29T13:52:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T15:30:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"product_id": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-13.el8_6.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"product_id": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-13.el8_6.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-13.el8_6.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-13.el8_6.10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-13.el8_6.10.i686",
"product": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686",
"product_id": "libxml2-0:2.9.7-13.el8_6.10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-13.el8_6.10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"product_id": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-13.el8_6.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-13.el8_6.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-13.el8_6.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-13.el8_6.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"product": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"product_id": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-13.el8_6.10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"product_id": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-13.el8_6.10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-13.el8_6.10.src",
"product": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src",
"product_id": "libxml2-0:2.9.7-13.el8_6.10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-13.el8_6.10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-13.el8_6.10.aarch64",
"product": {
"name": "libxml2-0:2.9.7-13.el8_6.10.aarch64",
"product_id": "libxml2-0:2.9.7-13.el8_6.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-13.el8_6.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"product_id": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-13.el8_6.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"product_id": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-13.el8_6.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-13.el8_6.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-13.el8_6.10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"product_id": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-13.el8_6.10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"product": {
"name": "libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"product_id": "libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-13.el8_6.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"product_id": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-13.el8_6.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-13.el8_6.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-13.el8_6.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-13.el8_6.10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"product_id": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-13.el8_6.10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-13.el8_6.10.s390x",
"product": {
"name": "libxml2-0:2.9.7-13.el8_6.10.s390x",
"product_id": "libxml2-0:2.9.7-13.el8_6.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-13.el8_6.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"product": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"product_id": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-13.el8_6.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"product_id": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-13.el8_6.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"product_id": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-13.el8_6.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-13.el8_6.10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"product": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"product_id": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-13.el8_6.10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:52:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-393: Return of Wrong Status Code vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational needs, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect and respond to threats in real time, helping prevent or limit exploitation attempts. Robust input validation and error handling ensure all user inputs are thoroughly validated, supporting consistent and secure system responses.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:52:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:52:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:52:26+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"AppStream-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"AppStream-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"AppStream-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.AUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.E4S:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.aarch64",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.ppc64le",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.s390x",
"BaseOS-8.6.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.src",
"BaseOS-8.6.0.Z.TUS:libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-debugsource-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:libxml2-devel-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-0:2.9.7-13.el8_6.10.x86_64",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.i686",
"BaseOS-8.6.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-13.el8_6.10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:11580
Vulnerability from csaf_redhat
Published
2025-07-23 05:06
Modified
2025-08-14 09:08
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:11580",
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_11580.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T09:08:22+00:00",
"generator": {
"date": "2025-08-14T09:08:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:11580",
"initial_release_date": "2025-07-23T05:06:37+00:00",
"revision_history": [
{
"date": "2025-07-23T05:06:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-23T05:06:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:08:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"product_id": "libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_4.aarch64",
"product": {
"name": "libxml2-0:2.9.13-10.el9_4.aarch64",
"product_id": "libxml2-0:2.9.13-10.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"product_id": "python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"product_id": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_4.ppc64le",
"product": {
"name": "libxml2-0:2.9.13-10.el9_4.ppc64le",
"product_id": "libxml2-0:2.9.13-10.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"product_id": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_4.i686",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.i686",
"product_id": "libxml2-devel-0:2.9.13-10.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_4.i686",
"product": {
"name": "libxml2-0:2.9.13-10.el9_4.i686",
"product_id": "libxml2-0:2.9.13-10.el9_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"product_id": "libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_4.x86_64",
"product": {
"name": "libxml2-0:2.9.13-10.el9_4.x86_64",
"product_id": "libxml2-0:2.9.13-10.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"product_id": "python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-10.el9_4.s390x",
"product": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.s390x",
"product_id": "libxml2-devel-0:2.9.13-10.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-10.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"product_id": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-10.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"product_id": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-10.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-10.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_4.s390x",
"product": {
"name": "libxml2-0:2.9.13-10.el9_4.s390x",
"product_id": "libxml2-0:2.9.13-10.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-10.el9_4.s390x",
"product": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.s390x",
"product_id": "python3-libxml2-0:2.9.13-10.el9_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-10.el9_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-10.el9_4.src",
"product": {
"name": "libxml2-0:2.9.13-10.el9_4.src",
"product_id": "libxml2-0:2.9.13-10.el9_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-10.el9_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-23T05:06:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-23T05:06:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-23T05:06:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"AppStream-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"AppStream-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.src",
"BaseOS-9.4.0.Z.EUS:libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-debugsource-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:libxml2-devel-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-0:2.9.13-10.el9_4.x86_64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.aarch64",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.i686",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.ppc64le",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.s390x",
"BaseOS-9.4.0.Z.EUS:python3-libxml2-debuginfo-0:2.9.13-10.el9_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:12239
Vulnerability from csaf_redhat
Published
2025-07-30 07:14
Modified
2025-08-14 15:30
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12239",
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12239.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T15:30:29+00:00",
"generator": {
"date": "2025-08-14T15:30:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12239",
"initial_release_date": "2025-07-30T07:14:41+00:00",
"revision_history": [
{
"date": "2025-07-30T07:14:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-30T07:14:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T15:30:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-16.el8_8.9.src",
"product": {
"name": "libxml2-0:2.9.7-16.el8_8.9.src",
"product_id": "libxml2-0:2.9.7-16.el8_8.9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-16.el8_8.9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"product": {
"name": "libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"product_id": "libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-16.el8_8.9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"product_id": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-16.el8_8.9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-16.el8_8.9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-16.el8_8.9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-16.el8_8.9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"product_id": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-16.el8_8.9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-16.el8_8.9.i686",
"product": {
"name": "libxml2-0:2.9.7-16.el8_8.9.i686",
"product_id": "libxml2-0:2.9.7-16.el8_8.9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-16.el8_8.9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"product_id": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-16.el8_8.9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-16.el8_8.9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-16.el8_8.9?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"product_id": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-16.el8_8.9?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"product": {
"name": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"product_id": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-16.el8_8.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"product_id": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-16.el8_8.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-16.el8_8.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-16.el8_8.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-16.el8_8.9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"product_id": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-16.el8_8.9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:14:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-393: Return of Wrong Status Code vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational needs, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect and respond to threats in real time, helping prevent or limit exploitation attempts. Robust input validation and error handling ensure all user inputs are thoroughly validated, supporting consistent and secure system responses.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:14:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:14:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T07:14:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"AppStream-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"AppStream-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"AppStream-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.E4S:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.ppc64le",
"BaseOS-8.8.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.src",
"BaseOS-8.8.0.Z.TUS:libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-debugsource-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:libxml2-devel-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-0:2.9.7-16.el8_8.9.x86_64",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.i686",
"BaseOS-8.8.0.Z.TUS:python3-libxml2-debuginfo-0:2.9.7-16.el8_8.9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:12099
Vulnerability from csaf_redhat
Published
2025-07-29 13:04
Modified
2025-08-14 09:08
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12099",
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12099.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T09:08:09+00:00",
"generator": {
"date": "2025-08-14T09:08:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12099",
"initial_release_date": "2025-07-29T13:04:04+00:00",
"revision_history": [
{
"date": "2025-07-29T13:04:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-29T13:04:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:08:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-1.el9_0.5.src",
"product": {
"name": "libxml2-0:2.9.13-1.el9_0.5.src",
"product_id": "libxml2-0:2.9.13-1.el9_0.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-1.el9_0.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-1.el9_0.5.aarch64",
"product": {
"name": "libxml2-0:2.9.13-1.el9_0.5.aarch64",
"product_id": "libxml2-0:2.9.13-1.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-1.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"product": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"product_id": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-1.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"product_id": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-1.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"product_id": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-1.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-1.el9_0.5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"product": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"product_id": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-1.el9_0.5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"product": {
"name": "libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"product_id": "libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-1.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"product": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"product_id": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-1.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"product": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"product_id": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-1.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"product_id": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-1.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-1.el9_0.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"product": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"product_id": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-1.el9_0.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-1.el9_0.5.i686",
"product": {
"name": "libxml2-0:2.9.13-1.el9_0.5.i686",
"product_id": "libxml2-0:2.9.13-1.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-1.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"product_id": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-1.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"product_id": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-1.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-1.el9_0.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"product": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"product_id": "libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-1.el9_0.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-1.el9_0.5.x86_64",
"product": {
"name": "libxml2-0:2.9.13-1.el9_0.5.x86_64",
"product_id": "libxml2-0:2.9.13-1.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-1.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"product_id": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-1.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"product_id": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-1.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-1.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-1.el9_0.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"product_id": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-1.el9_0.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.13-1.el9_0.5.s390x",
"product": {
"name": "libxml2-0:2.9.13-1.el9_0.5.s390x",
"product_id": "libxml2-0:2.9.13-1.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.13-1.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"product": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"product_id": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.13-1.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"product": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"product_id": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.13-1.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"product": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"product_id": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.13-1.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"product_id": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.13-1.el9_0.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"product": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"product_id": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.13-1.el9_0.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-29T13:04:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"AppStream-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"AppStream-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.src",
"BaseOS-9.0.0.Z.E4S:libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-debugsource-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:libxml2-devel-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-0:2.9.13-1.el9_0.5.x86_64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.aarch64",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.i686",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.ppc64le",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.s390x",
"BaseOS-9.0.0.Z.E4S:python3-libxml2-debuginfo-0:2.9.13-1.el9_0.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:12237
Vulnerability from csaf_redhat
Published
2025-07-30 05:36
Modified
2025-08-14 15:30
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)
* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)
* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for libxml2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414)\n\n* libxml: Heap use after free (UAF) leads to Denial of service (DoS) (CVE-2025-49794)\n\n* libxml: Type confusion leads to Denial of service (DoS) (CVE-2025-49796)\n\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 (CVE-2025-6021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:12237",
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_12237.json"
}
],
"title": "Red Hat Security Advisory: libxml2 security update",
"tracking": {
"current_release_date": "2025-08-14T15:30:53+00:00",
"generator": {
"date": "2025-08-14T15:30:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:12237",
"initial_release_date": "2025-07-30T05:36:37+00:00",
"revision_history": [
{
"date": "2025-07-30T05:36:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-30T05:36:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T15:30:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"product_id": "libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_2.3.i686",
"product": {
"name": "libxml2-0:2.9.7-9.el8_2.3.i686",
"product_id": "libxml2-0:2.9.7-9.el8_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_2.3?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"product": {
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"product_id": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-devel@2.9.7-9.el8_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"product": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"product_id": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debugsource@2.9.7-9.el8_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"product": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"product_id": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2-debuginfo@2.9.7-9.el8_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"product": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"product_id": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2-debuginfo@2.9.7-9.el8_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_2.3.x86_64",
"product": {
"name": "libxml2-0:2.9.7-9.el8_2.3.x86_64",
"product_id": "libxml2-0:2.9.7-9.el8_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"product": {
"name": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"product_id": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-libxml2@2.9.7-9.el8_2.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-0:2.9.7-9.el8_2.3.src",
"product": {
"name": "libxml2-0:2.9.7-9.el8_2.3.src",
"product_id": "libxml2-0:2.9.7-9.el8_2.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libxml2@2.9.7-9.el8_2.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_2.3.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_2.3.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_2.3.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src"
},
"product_reference": "libxml2-0:2.9.7-9.el8_2.3.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
},
"product_reference": "python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T05:36:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-32414",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"discovery_date": "2025-04-08T04:00:51.284113+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358121"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2. This vulnerability allows out-of-bounds memory access due to incorrect handling of return values in xmlPythonFileRead and xmlPythonFileReadRaw. This is caused by a mismatch between the length of the file in bytes vs the length in characters, as unicode characters can occupy up to 4 bytes per character.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Out-of-Bounds Read in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This bug affects parsing of text streams using:\n- the Python bindings (pending deprecation: https://gitlab.gnome.org/GNOME/libxml2/-/issues/891)\n- the libxml2 SAX driver drv_libxml2,\n- the XML Reader API\n\nParsing of binary streams is not affected by this vulnerability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-393: Return of Wrong Status Code vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational needs, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect and respond to threats in real time, helping prevent or limit exploitation attempts. Robust input validation and error handling ensure all user inputs are thoroughly validated, supporting consistent and secure system responses.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-32414"
},
{
"category": "external",
"summary": "RHBZ#2358121",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358121"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32414"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/889"
}
],
"release_date": "2025-04-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T05:36:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Out-of-Bounds Read in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T05:36:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-30T05:36:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"AppStream-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"AppStream-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.src",
"BaseOS-8.2.0.Z.AUS:libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-debugsource-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:libxml2-devel-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-0:2.9.7-9.el8_2.3.x86_64",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.i686",
"BaseOS-8.2.0.Z.AUS:python3-libxml2-debuginfo-0:2.9.7-9.el8_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
rhsa-2025:13267
Vulnerability from csaf_redhat
Published
2025-08-06 15:26
Modified
2025-08-14 09:09
Summary
Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
Notes
Topic
A Subscription Management tool for finding and reporting Red Hat product usage
Details
Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their operating systems, and relevant configuration data stored within them. Discovery also identifies and reports more detailed facts for some versions of key Red Hat packages and products that it finds in the network.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A Subscription Management tool for finding and reporting Red Hat product usage",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds, identifies, and reports environment data, or facts, such as the number of physical and virtual systems on a network, their operating systems, and relevant configuration data stored within them. Discovery also identifies and reports more detailed facts for some versions of key Red Hat packages and products that it finds in the network.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:13267",
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-12718",
"url": "https://access.redhat.com/security/cve/CVE-2024-12718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-40909",
"url": "https://access.redhat.com/security/cve/CVE-2025-40909"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4138",
"url": "https://access.redhat.com/security/cve/CVE-2025-4138"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4330",
"url": "https://access.redhat.com/security/cve/CVE-2025-4330"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4435",
"url": "https://access.redhat.com/security/cve/CVE-2025-4435"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4517",
"url": "https://access.redhat.com/security/cve/CVE-2025-4517"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-49796",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6021",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-7425",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery",
"url": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_13267.json"
}
],
"title": "Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage",
"tracking": {
"current_release_date": "2025-08-14T09:09:29+00:00",
"generator": {
"date": "2025-08-14T09:09:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:13267",
"initial_release_date": "2025-08-06T15:26:03+00:00",
"revision_history": [
{
"date": "2025-08-06T15:26:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-08-06T15:26:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-14T09:09:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Discovery 2",
"product": {
"name": "Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:discovery:2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Discovery"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Aad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.1-1754478727"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.1-1754485705"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Ac517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.1-1754478727"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=2.0.1-1754485705"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12718",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:00:57.613538+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370013"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CPython\u0027s tarfile module. This vulnerability allows modification of file metadata, such as timestamps or permissions, outside the intended extraction directory via maliciously crafted tar archives using the filter=\"data\" or filter=\"tar\" extraction filters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Bypass extraction filter to modify file metadata outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-12718"
},
{
"category": "external",
"summary": "RHBZ#2370013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370013"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12718"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/127987",
"url": "https://github.com/python/cpython/issues/127987"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:10.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cpython: python: Bypass extraction filter to modify file metadata outside extraction directory"
},
{
"cve": "CVE-2025-4138",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-12T09:03:58.434950+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Python tarfile module. This vulnerability allows attackers to bypass extraction filters, enabling symlink targets to escape the destination directory and allowing unauthorized modification of file metadata via the use of TarFile.extract() or TarFile.extractall() with the filter= parameter set to \"data\" or \"tar\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4138"
},
{
"category": "external",
"summary": "RHBZ#2372426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4138",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4138"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:02.717000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Red Hat recommends upgrading to a fixed release of Python as soon as one is available. This vulnerability can be mitigated by rejecting links inside tarfiles that use relative references to the parent directory. The upstream advisory provides this example code:\n\n\u0027\u0027\u0027\n# Avoid insecure segments in link names.\nfor member in tar.getmembers():\n if not member.islnk():\n continue\n if os.pardir in os.path.split(member.linkname):\n raise OSError(\"Tarfile with insecure segment (\u0027..\u0027) in linkname\")\n\n# Now safe to extract members with the data filter.\ntar.extractall(filter=\"data\")\n\u0027\u0027\u0027",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory"
},
{
"cve": "CVE-2025-4330",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:01:00.653313+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370014"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CPython\u0027s tarfile module. This vulnerability allows bypassing of extraction filters, enabling symlink traversal outside the intended extraction directory and potential modification of file metadata via malicious tar archives using TarFile.extractall() or TarFile.extract() with the filter=\"data\" or filter=\"tar\" parameters. This issue leads to potentially overwriting or modifying system files and metadata.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Extraction filter bypass for linking outside extraction directory",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of this access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4330"
},
{
"category": "external",
"summary": "RHBZ#2370014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370014"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4330",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4330"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:58:57.452000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Extraction filter bypass for linking outside extraction directory"
},
{
"cve": "CVE-2025-4435",
"cwe": {
"id": "CWE-706",
"name": "Use of Incorrectly-Resolved Name or Reference"
},
"discovery_date": "2025-06-03T14:00:46.485917+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370010"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CPython\u0027s tarfile module. This vulnerability allows unauthorized file extraction via crafted tar archives when TarFile.errorlevel=0, bypassing expected filtering mechanisms.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Tarfile extracts filtered members when errorlevel=0",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-706: Use of Incorrectly-Resolved Name or Reference and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess enforcement and least privilege limit resolution of internal objects and services to explicitly authorized users and processes, reducing the risk of unintended interactions.. Configuration settings are tightly managed to ensure consistent and accurate resolution of names, paths, and references across deployments. Least functionality reduces exposure by disabling unused features and restricting access to unnecessary components. Additionally, real-time monitoring detects anomalous behavior or access attempts involving misconfigured or invalid references, enabling timely response and containment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4435"
},
{
"category": "external",
"summary": "RHBZ#2370010",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370010"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4435",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4435"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:59:06.792000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Tarfile extracts filtered members when errorlevel=0"
},
{
"cve": "CVE-2025-4517",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-06-03T14:01:12.271192+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2370016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the CPython tarfile module. This vulnerability allows arbitrary filesystem writes outside the extraction directory via extracting untrusted tar archives using the TarFile.extractall() or TarFile.extract() methods with the extraction filter parameter set to \"data\" or \"tar\".",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: cpython: Arbitrary writes via tarfile realpath overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this vulnerability was lowered due to the fact that successful exploitation requires the attacker to convince a privileged user or process to extract a malicious tar file. Since tar file extraction typically occurs in trusted contexts or with elevated privileges, the impact is reduced by the requirement of such access.\n\nVersions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4517"
},
{
"category": "external",
"summary": "RHBZ#2370016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4517"
},
{
"category": "external",
"summary": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f",
"url": "https://gist.github.com/sethmlarson/52398e33eff261329a0180ac1d54f42f"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a",
"url": "https://github.com/python/cpython/commit/3612d8f51741b11f36f8fb0494d79086bac9390a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a",
"url": "https://github.com/python/cpython/commit/9e0ac76d96cf80b49055f6d6b9a6763fb9215c2a"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135034",
"url": "https://github.com/python/cpython/issues/135034"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135037",
"url": "https://github.com/python/cpython/pull/135037"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/MAXIJJCUUMCL7ATZNDVEGGHUMQMUUKLG/"
}
],
"release_date": "2025-06-03T12:58:50.352000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python: cpython: Arbitrary writes via tarfile realpath overflow"
},
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"acknowledgments": [
{
"names": [
"Sergei Glazunov"
],
"organization": "Google Project Zero"
}
],
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-10T09:37:28.172000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379274"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This heap-use-after-free vulnerability in libxslt is rated Important because it can lead to memory corruption and application crashes. The flaw arises when internal attribute metadata (atype) is modified by libxslt\u0027s xsltSetSourceNodeFlags() function during processing of result tree fragments. If the flag corruption prevents proper removal of ID references, later memory cleanup routines may operate on already-freed memory. Since libxslt is commonly used in server-side XML processing, this could result in denial-of-service or potentially facilitate code execution under certain memory reuse conditions.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7425"
},
{
"category": "external",
"summary": "RHBZ#2379274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379274"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7425"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"
}
],
"release_date": "2025-07-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxslt: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr"
},
{
"cve": "CVE-2025-40909",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2025-05-30T13:00:49.546076+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369407"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Perl standard library threads component. This vulnerability can allow a local attacker to exploit a race condition in directory handling to access files or load code from unexpected locations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "perl: Perl threads have a working directory race condition where file operations may target unintended paths",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027) or CWE-426: Untrusted Search Path vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces least functionality by enabling only essential features, services, and ports to reduce the system\u2019s attack surface. Static code analysis, peer reviews, and robust input validation and error handling detect unsafe input that could affect execution timing or path resolution. Real-time threat detection, including IPS/IDS, antimalware, and continuous system monitoring, enables rapid identification of exploitation attempts. Process isolation reduces the likelihood of concurrent execution conflicts and contains any impact to isolated workloads. Executable search paths are restricted to trusted, explicitly defined directories, mitigating the risk of executing malicious files. These controls effectively lower the likelihood and impact of race conditions and untrusted path exploitation in the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-40909"
},
{
"category": "external",
"summary": "RHBZ#2369407",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369407"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-40909",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-40909"
},
{
"category": "external",
"summary": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098226"
},
{
"category": "external",
"summary": "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e",
"url": "https://github.com/Perl/perl5/commit/11a11ecf4bea72b17d250cfb43c897be1341861e"
},
{
"category": "external",
"summary": "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch",
"url": "https://github.com/Perl/perl5/commit/918bfff86ca8d6d4e4ec5b30994451e0bd74aba9.patch"
},
{
"category": "external",
"summary": "https://github.com/Perl/perl5/issues/10387",
"url": "https://github.com/Perl/perl5/issues/10387"
},
{
"category": "external",
"summary": "https://github.com/Perl/perl5/issues/23010",
"url": "https://github.com/Perl/perl5/issues/23010"
},
{
"category": "external",
"summary": "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads",
"url": "https://perldoc.perl.org/5.14.0/perl5136delta#Directory-handles-not-copied-to-threads"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/22/2",
"url": "https://www.openwall.com/lists/oss-security/2025/05/22/2"
}
],
"release_date": "2025-05-30T12:20:11.237000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "perl: Perl threads have a working directory race condition where file operations may target unintended paths"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-08-06T15:26:03+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer RPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:18fa5a5b82d77afe7a92e0115daf8c23df0f817d5917747d35212dc7e4c66413_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:2020475c1f39087c770ff031c3a4c0b384aa680b1b9a8278ad80d127420ffffc_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
}
]
}
opensuse-su-2025:15321-1
Vulnerability from csaf_opensuse
Published
2025-07-08 00:00
Modified
2025-07-08 00:00
Summary
libxml2-2-2.13.8-2.1 on GA media
Notes
Title of the patch
libxml2-2-2.13.8-2.1 on GA media
Description of the patch
These are all security issues fixed in the libxml2-2-2.13.8-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15321
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libxml2-2-2.13.8-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libxml2-2-2.13.8-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15321",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15321-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6170 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6170/"
}
],
"title": "libxml2-2-2.13.8-2.1 on GA media",
"tracking": {
"current_release_date": "2025-07-08T00:00:00Z",
"generator": {
"date": "2025-07-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15321-1",
"initial_release_date": "2025-07-08T00:00:00Z",
"revision_history": [
{
"date": "2025-07-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.13.8-2.1.aarch64",
"product": {
"name": "libxml2-2-2.13.8-2.1.aarch64",
"product_id": "libxml2-2-2.13.8-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.13.8-2.1.aarch64",
"product": {
"name": "libxml2-2-32bit-2.13.8-2.1.aarch64",
"product_id": "libxml2-2-32bit-2.13.8-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.13.8-2.1.aarch64",
"product": {
"name": "libxml2-devel-2.13.8-2.1.aarch64",
"product_id": "libxml2-devel-2.13.8-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.13.8-2.1.aarch64",
"product": {
"name": "libxml2-devel-32bit-2.13.8-2.1.aarch64",
"product_id": "libxml2-devel-32bit-2.13.8-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-doc-2.13.8-2.1.aarch64",
"product": {
"name": "libxml2-doc-2.13.8-2.1.aarch64",
"product_id": "libxml2-doc-2.13.8-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.13.8-2.1.aarch64",
"product": {
"name": "libxml2-tools-2.13.8-2.1.aarch64",
"product_id": "libxml2-tools-2.13.8-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.13.8-2.1.ppc64le",
"product": {
"name": "libxml2-2-2.13.8-2.1.ppc64le",
"product_id": "libxml2-2-2.13.8-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.13.8-2.1.ppc64le",
"product": {
"name": "libxml2-2-32bit-2.13.8-2.1.ppc64le",
"product_id": "libxml2-2-32bit-2.13.8-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.13.8-2.1.ppc64le",
"product": {
"name": "libxml2-devel-2.13.8-2.1.ppc64le",
"product_id": "libxml2-devel-2.13.8-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"product": {
"name": "libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"product_id": "libxml2-devel-32bit-2.13.8-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-doc-2.13.8-2.1.ppc64le",
"product": {
"name": "libxml2-doc-2.13.8-2.1.ppc64le",
"product_id": "libxml2-doc-2.13.8-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.13.8-2.1.ppc64le",
"product": {
"name": "libxml2-tools-2.13.8-2.1.ppc64le",
"product_id": "libxml2-tools-2.13.8-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.13.8-2.1.s390x",
"product": {
"name": "libxml2-2-2.13.8-2.1.s390x",
"product_id": "libxml2-2-2.13.8-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.13.8-2.1.s390x",
"product": {
"name": "libxml2-2-32bit-2.13.8-2.1.s390x",
"product_id": "libxml2-2-32bit-2.13.8-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.13.8-2.1.s390x",
"product": {
"name": "libxml2-devel-2.13.8-2.1.s390x",
"product_id": "libxml2-devel-2.13.8-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.13.8-2.1.s390x",
"product": {
"name": "libxml2-devel-32bit-2.13.8-2.1.s390x",
"product_id": "libxml2-devel-32bit-2.13.8-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-doc-2.13.8-2.1.s390x",
"product": {
"name": "libxml2-doc-2.13.8-2.1.s390x",
"product_id": "libxml2-doc-2.13.8-2.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.13.8-2.1.s390x",
"product": {
"name": "libxml2-tools-2.13.8-2.1.s390x",
"product_id": "libxml2-tools-2.13.8-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.13.8-2.1.x86_64",
"product": {
"name": "libxml2-2-2.13.8-2.1.x86_64",
"product_id": "libxml2-2-2.13.8-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.13.8-2.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.13.8-2.1.x86_64",
"product_id": "libxml2-2-32bit-2.13.8-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.13.8-2.1.x86_64",
"product": {
"name": "libxml2-devel-2.13.8-2.1.x86_64",
"product_id": "libxml2-devel-2.13.8-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.13.8-2.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.13.8-2.1.x86_64",
"product_id": "libxml2-devel-32bit-2.13.8-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-doc-2.13.8-2.1.x86_64",
"product": {
"name": "libxml2-doc-2.13.8-2.1.x86_64",
"product_id": "libxml2-doc-2.13.8-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.13.8-2.1.x86_64",
"product": {
"name": "libxml2-tools-2.13.8-2.1.x86_64",
"product_id": "libxml2-tools-2.13.8-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.13.8-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64"
},
"product_reference": "libxml2-2-2.13.8-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.13.8-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le"
},
"product_reference": "libxml2-2-2.13.8-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.13.8-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x"
},
"product_reference": "libxml2-2-2.13.8-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.13.8-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64"
},
"product_reference": "libxml2-2-2.13.8-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.13.8-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64"
},
"product_reference": "libxml2-2-32bit-2.13.8-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.13.8-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le"
},
"product_reference": "libxml2-2-32bit-2.13.8-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.13.8-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x"
},
"product_reference": "libxml2-2-32bit-2.13.8-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.13.8-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.13.8-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.13.8-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64"
},
"product_reference": "libxml2-devel-2.13.8-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.13.8-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le"
},
"product_reference": "libxml2-devel-2.13.8-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.13.8-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x"
},
"product_reference": "libxml2-devel-2.13.8-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.13.8-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64"
},
"product_reference": "libxml2-devel-2.13.8-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-32bit-2.13.8-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64"
},
"product_reference": "libxml2-devel-32bit-2.13.8-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-32bit-2.13.8-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le"
},
"product_reference": "libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-32bit-2.13.8-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x"
},
"product_reference": "libxml2-devel-32bit-2.13.8-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-32bit-2.13.8-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64"
},
"product_reference": "libxml2-devel-32bit-2.13.8-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.13.8-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64"
},
"product_reference": "libxml2-doc-2.13.8-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.13.8-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le"
},
"product_reference": "libxml2-doc-2.13.8-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.13.8-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x"
},
"product_reference": "libxml2-doc-2.13.8-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.13.8-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64"
},
"product_reference": "libxml2-doc-2.13.8-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.13.8-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64"
},
"product_reference": "libxml2-tools-2.13.8-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.13.8-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le"
},
"product_reference": "libxml2-tools-2.13.8-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.13.8-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x"
},
"product_reference": "libxml2-tools-2.13.8-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.13.8-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
},
"product_reference": "libxml2-tools-2.13.8-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49794"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49794",
"url": "https://www.suse.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "SUSE Bug 1244554 for CVE-2025-49794",
"url": "https://bugzilla.suse.com/1244554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49795"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49795",
"url": "https://www.suse.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "SUSE Bug 1244555 for CVE-2025-49795",
"url": "https://bugzilla.suse.com/1244555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-49795"
},
{
"cve": "CVE-2025-49796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49796"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49796",
"url": "https://www.suse.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "SUSE Bug 1244557 for CVE-2025-49796",
"url": "https://bugzilla.suse.com/1244557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6021"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6021",
"url": "https://www.suse.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "SUSE Bug 1244580 for CVE-2025-6021",
"url": "https://bugzilla.suse.com/1244580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6170"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6170",
"url": "https://www.suse.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "SUSE Bug 1244700 for CVE-2025-6170",
"url": "https://bugzilla.suse.com/1244700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-2-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-devel-32bit-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-doc-2.13.8-2.1.x86_64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.aarch64",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.ppc64le",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.s390x",
"openSUSE Tumbleweed:libxml2-tools-2.13.8-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-6170"
}
]
}
ghsa-83xx-9f6p-vwfj
Vulnerability from github
Published
2025-06-16 18:32
Modified
2025-08-07 09:30
Severity ?
VLAI Severity ?
Details
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
{
"affected": [],
"aliases": [
"CVE-2025-49796"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-06-16T16:15:19Z",
"severity": "CRITICAL"
},
"details": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"id": "GHSA-83xx-9f6p-vwfj",
"modified": "2025-08-07T09:30:34Z",
"published": "2025-06-16T18:32:19Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
suse-su-2025:02294-1
Vulnerability from csaf_suse
Published
2025-07-11 14:47
Modified
2025-07-11 14:47
Summary
Security update for libxml2
Notes
Title of the patch
Security update for libxml2
Description of the patch
This update for libxml2 fixes the following issues:
- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)
- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)
- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)
- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)
Patchnames
SUSE-2025-2294,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2294,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2294
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)\n- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)\n- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)\n- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2294,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2294,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2294",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02294-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02294-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502294-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02294-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040694.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244554",
"url": "https://bugzilla.suse.com/1244554"
},
{
"category": "self",
"summary": "SUSE Bug 1244557",
"url": "https://bugzilla.suse.com/1244557"
},
{
"category": "self",
"summary": "SUSE Bug 1244590",
"url": "https://bugzilla.suse.com/1244590"
},
{
"category": "self",
"summary": "SUSE Bug 1244700",
"url": "https://bugzilla.suse.com/1244700"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6170 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6170/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-07-11T14:47:43Z",
"generator": {
"date": "2025-07-11T14:47:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02294-1",
"initial_release_date": "2025-07-11T14:47:43Z",
"revision_history": [
{
"date": "2025-07-11T14:47:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.87.1.aarch64",
"product": {
"name": "libxml2-2-2.9.4-46.87.1.aarch64",
"product_id": "libxml2-2-2.9.4-46.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.87.1.aarch64",
"product": {
"name": "libxml2-devel-2.9.4-46.87.1.aarch64",
"product_id": "libxml2-devel-2.9.4-46.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.87.1.aarch64",
"product": {
"name": "libxml2-tools-2.9.4-46.87.1.aarch64",
"product_id": "libxml2-tools-2.9.4-46.87.1.aarch64"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.87.1.aarch64",
"product": {
"name": "python-libxml2-2.9.4-46.87.1.aarch64",
"product_id": "python-libxml2-2.9.4-46.87.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.9.4-46.87.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.9.4-46.87.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.9.4-46.87.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.9.4-46.87.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.9.4-46.87.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.9.4-46.87.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.87.1.i586",
"product": {
"name": "libxml2-2-2.9.4-46.87.1.i586",
"product_id": "libxml2-2-2.9.4-46.87.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.87.1.i586",
"product": {
"name": "libxml2-devel-2.9.4-46.87.1.i586",
"product_id": "libxml2-devel-2.9.4-46.87.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.87.1.i586",
"product": {
"name": "libxml2-tools-2.9.4-46.87.1.i586",
"product_id": "libxml2-tools-2.9.4-46.87.1.i586"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.87.1.i586",
"product": {
"name": "python-libxml2-2.9.4-46.87.1.i586",
"product_id": "python-libxml2-2.9.4-46.87.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.9.4-46.87.1.noarch",
"product": {
"name": "libxml2-doc-2.9.4-46.87.1.noarch",
"product_id": "libxml2-doc-2.9.4-46.87.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.87.1.ppc64le",
"product": {
"name": "libxml2-2-2.9.4-46.87.1.ppc64le",
"product_id": "libxml2-2-2.9.4-46.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.87.1.ppc64le",
"product": {
"name": "libxml2-devel-2.9.4-46.87.1.ppc64le",
"product_id": "libxml2-devel-2.9.4-46.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.87.1.ppc64le",
"product": {
"name": "libxml2-tools-2.9.4-46.87.1.ppc64le",
"product_id": "libxml2-tools-2.9.4-46.87.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.87.1.ppc64le",
"product": {
"name": "python-libxml2-2.9.4-46.87.1.ppc64le",
"product_id": "python-libxml2-2.9.4-46.87.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.87.1.s390",
"product": {
"name": "libxml2-2-2.9.4-46.87.1.s390",
"product_id": "libxml2-2-2.9.4-46.87.1.s390"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.87.1.s390",
"product": {
"name": "libxml2-devel-2.9.4-46.87.1.s390",
"product_id": "libxml2-devel-2.9.4-46.87.1.s390"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.87.1.s390",
"product": {
"name": "libxml2-tools-2.9.4-46.87.1.s390",
"product_id": "libxml2-tools-2.9.4-46.87.1.s390"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.87.1.s390",
"product": {
"name": "python-libxml2-2.9.4-46.87.1.s390",
"product_id": "python-libxml2-2.9.4-46.87.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.87.1.s390x",
"product": {
"name": "libxml2-2-2.9.4-46.87.1.s390x",
"product_id": "libxml2-2-2.9.4-46.87.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.4-46.87.1.s390x",
"product": {
"name": "libxml2-2-32bit-2.9.4-46.87.1.s390x",
"product_id": "libxml2-2-32bit-2.9.4-46.87.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.87.1.s390x",
"product": {
"name": "libxml2-devel-2.9.4-46.87.1.s390x",
"product_id": "libxml2-devel-2.9.4-46.87.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.4-46.87.1.s390x",
"product": {
"name": "libxml2-devel-32bit-2.9.4-46.87.1.s390x",
"product_id": "libxml2-devel-32bit-2.9.4-46.87.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.87.1.s390x",
"product": {
"name": "libxml2-tools-2.9.4-46.87.1.s390x",
"product_id": "libxml2-tools-2.9.4-46.87.1.s390x"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.87.1.s390x",
"product": {
"name": "python-libxml2-2.9.4-46.87.1.s390x",
"product_id": "python-libxml2-2.9.4-46.87.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.4-46.87.1.x86_64",
"product": {
"name": "libxml2-2-2.9.4-46.87.1.x86_64",
"product_id": "libxml2-2-2.9.4-46.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"product_id": "libxml2-2-32bit-2.9.4-46.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.4-46.87.1.x86_64",
"product": {
"name": "libxml2-devel-2.9.4-46.87.1.x86_64",
"product_id": "libxml2-devel-2.9.4-46.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.4-46.87.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.9.4-46.87.1.x86_64",
"product_id": "libxml2-devel-32bit-2.9.4-46.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.4-46.87.1.x86_64",
"product": {
"name": "libxml2-tools-2.9.4-46.87.1.x86_64",
"product_id": "libxml2-tools-2.9.4-46.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "python-libxml2-2.9.4-46.87.1.x86_64",
"product": {
"name": "python-libxml2-2.9.4-46.87.1.x86_64",
"product_id": "python-libxml2-2.9.4-46.87.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.4-46.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64"
},
"product_reference": "libxml2-2-2.9.4-46.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.4-46.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le"
},
"product_reference": "libxml2-2-2.9.4-46.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.4-46.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x"
},
"product_reference": "libxml2-2-2.9.4-46.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-2-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.4-46.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x"
},
"product_reference": "libxml2-2-32bit-2.9.4-46.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.4-46.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.4-46.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.4-46.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le"
},
"product_reference": "libxml2-devel-2.9.4-46.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.4-46.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x"
},
"product_reference": "libxml2-devel-2.9.4-46.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.9.4-46.87.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch"
},
"product_reference": "libxml2-doc-2.9.4-46.87.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.4-46.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.4-46.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.4-46.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le"
},
"product_reference": "libxml2-tools-2.9.4-46.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.4-46.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x"
},
"product_reference": "libxml2-tools-2.9.4-46.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-libxml2-2.9.4-46.87.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64"
},
"product_reference": "python-libxml2-2.9.4-46.87.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-libxml2-2.9.4-46.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le"
},
"product_reference": "python-libxml2-2.9.4-46.87.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-libxml2-2.9.4-46.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x"
},
"product_reference": "python-libxml2-2.9.4-46.87.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-libxml2-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64"
},
"product_reference": "python-libxml2-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-2-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.9.4-46.87.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch"
},
"product_reference": "libxml2-doc-2.9.4-46.87.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-libxml2-2.9.4-46.87.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
},
"product_reference": "python-libxml2-2.9.4-46.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49794"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49794",
"url": "https://www.suse.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "SUSE Bug 1244554 for CVE-2025-49794",
"url": "https://bugzilla.suse.com/1244554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T14:47:43Z",
"details": "important"
}
],
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49796"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49796",
"url": "https://www.suse.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "SUSE Bug 1244557 for CVE-2025-49796",
"url": "https://bugzilla.suse.com/1244557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T14:47:43Z",
"details": "important"
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6021"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6021",
"url": "https://www.suse.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "SUSE Bug 1244580 for CVE-2025-6021",
"url": "https://bugzilla.suse.com/1244580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T14:47:43Z",
"details": "important"
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6170"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6170",
"url": "https://www.suse.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "SUSE Bug 1244700 for CVE-2025-6170",
"url": "https://bugzilla.suse.com/1244700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:python-libxml2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-2-32bit-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-devel-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-doc-2.9.4-46.87.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libxml2-tools-2.9.4-46.87.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:python-libxml2-2.9.4-46.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-11T14:47:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-6170"
}
]
}
suse-su-2025:02314-1
Vulnerability from csaf_suse
Published
2025-07-15 12:34
Modified
2025-07-15 12:34
Summary
Security update for libxml2
Notes
Title of the patch
Security update for libxml2
Description of the patch
This update for libxml2 fixes the following issues:
- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)
- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)
- CVE-2025-49795: Fixed a null pointer dereference which could lead to denial of service. (bsc#1244555)
- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)
- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)
Patchnames
SUSE-2025-2314,SUSE-SLE-Micro-5.5-2025-2314,SUSE-SLE-Module-Basesystem-15-SP6-2025-2314,SUSE-SLE-Module-Python3-15-SP6-2025-2314,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2314,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2314,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2314,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2314,openSUSE-SLE-15.6-2025-2314
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)\n- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)\n- CVE-2025-49795: Fixed a null pointer dereference which could lead to denial of service. (bsc#1244555)\n- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)\n- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2314,SUSE-SLE-Micro-5.5-2025-2314,SUSE-SLE-Module-Basesystem-15-SP6-2025-2314,SUSE-SLE-Module-Python3-15-SP6-2025-2314,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2314,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2314,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2314,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2314,openSUSE-SLE-15.6-2025-2314",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02314-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02314-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502314-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02314-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021818.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244554",
"url": "https://bugzilla.suse.com/1244554"
},
{
"category": "self",
"summary": "SUSE Bug 1244555",
"url": "https://bugzilla.suse.com/1244555"
},
{
"category": "self",
"summary": "SUSE Bug 1244557",
"url": "https://bugzilla.suse.com/1244557"
},
{
"category": "self",
"summary": "SUSE Bug 1244590",
"url": "https://bugzilla.suse.com/1244590"
},
{
"category": "self",
"summary": "SUSE Bug 1244700",
"url": "https://bugzilla.suse.com/1244700"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6170 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6170/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-07-15T12:34:11Z",
"generator": {
"date": "2025-07-15T12:34:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02314-1",
"initial_release_date": "2025-07-15T12:34:11Z",
"revision_history": [
{
"date": "2025-07-15T12:34:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"product": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"product_id": "libxml2-2-2.10.3-150500.5.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"product_id": "libxml2-devel-2.10.3-150500.5.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"product_id": "libxml2-tools-2.10.3-150500.5.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"product_id": "python3-libxml2-2.10.3-150500.5.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"product_id": "python311-libxml2-2.10.3-150500.5.29.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.10.3-150500.5.29.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.10.3-150500.5.29.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.10.3-150500.5.29.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.10.3-150500.5.29.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.10.3-150500.5.29.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.10.3-150500.5.29.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.29.1.i586",
"product": {
"name": "libxml2-2-2.10.3-150500.5.29.1.i586",
"product_id": "libxml2-2-2.10.3-150500.5.29.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.29.1.i586",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.i586",
"product_id": "libxml2-devel-2.10.3-150500.5.29.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.29.1.i586",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.i586",
"product_id": "libxml2-tools-2.10.3-150500.5.29.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.29.1.i586",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.i586",
"product_id": "python3-libxml2-2.10.3-150500.5.29.1.i586"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.29.1.i586",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.i586",
"product_id": "python311-libxml2-2.10.3-150500.5.29.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.10.3-150500.5.29.1.noarch",
"product": {
"name": "libxml2-doc-2.10.3-150500.5.29.1.noarch",
"product_id": "libxml2-doc-2.10.3-150500.5.29.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"product": {
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"product_id": "libxml2-2-2.10.3-150500.5.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"product_id": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"product_id": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"product_id": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"product_id": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.29.1.s390x",
"product": {
"name": "libxml2-2-2.10.3-150500.5.29.1.s390x",
"product_id": "libxml2-2-2.10.3-150500.5.29.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.29.1.s390x",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.s390x",
"product_id": "libxml2-devel-2.10.3-150500.5.29.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.29.1.s390x",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.s390x",
"product_id": "libxml2-tools-2.10.3-150500.5.29.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.29.1.s390x",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.s390x",
"product_id": "python3-libxml2-2.10.3-150500.5.29.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.29.1.s390x",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.s390x",
"product_id": "python311-libxml2-2.10.3-150500.5.29.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"product_id": "libxml2-2-2.10.3-150500.5.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"product_id": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"product_id": "libxml2-devel-2.10.3-150500.5.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"product_id": "libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"product_id": "libxml2-tools-2.10.3-150500.5.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"product_id": "python3-libxml2-2.10.3-150500.5.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"product": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"product_id": "python311-libxml2-2.10.3-150500.5.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-doc-2.10.3-150500.5.29.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch"
},
"product_reference": "libxml2-doc-2.10.3-150500.5.29.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.10.3-150500.5.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
},
"product_reference": "python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49794"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49794",
"url": "https://www.suse.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "SUSE Bug 1244554 for CVE-2025-49794",
"url": "https://bugzilla.suse.com/1244554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T12:34:11Z",
"details": "important"
}
],
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49795"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49795",
"url": "https://www.suse.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "SUSE Bug 1244555 for CVE-2025-49795",
"url": "https://bugzilla.suse.com/1244555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T12:34:11Z",
"details": "important"
}
],
"title": "CVE-2025-49795"
},
{
"cve": "CVE-2025-49796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49796"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49796",
"url": "https://www.suse.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "SUSE Bug 1244557 for CVE-2025-49796",
"url": "https://bugzilla.suse.com/1244557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T12:34:11Z",
"details": "important"
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6021"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6021",
"url": "https://www.suse.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "SUSE Bug 1244580 for CVE-2025-6021",
"url": "https://bugzilla.suse.com/1244580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T12:34:11Z",
"details": "important"
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6170"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6170",
"url": "https://www.suse.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "SUSE Bug 1244700 for CVE-2025-6170",
"url": "https://bugzilla.suse.com/1244700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Micro 5.5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP6:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-2-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-devel-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-devel-32bit-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:libxml2-doc-2.10.3-150500.5.29.1.noarch",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:libxml2-tools-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-2.10.3-150500.5.29.1.x86_64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.aarch64",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.ppc64le",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.s390x",
"openSUSE Leap 15.6:python311-libxml2-2.10.3-150500.5.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-15T12:34:11Z",
"details": "moderate"
}
],
"title": "CVE-2025-6170"
}
]
}
suse-su-2025:02260-1
Vulnerability from csaf_suse
Published
2025-07-09 17:04
Modified
2025-07-09 17:04
Summary
Security update for libxml2
Notes
Title of the patch
Security update for libxml2
Description of the patch
This update for libxml2 fixes the following issues:
- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)
- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)
- CVE-2025-49795: Fixed a null pointer dereference which could lead to denial of service. (bsc#1244555)
- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)
- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)
Patchnames
SUSE-2025-2260,SUSE-SLE-Module-Basesystem-15-SP7-2025-2260,SUSE-SLE-Module-Python3-15-SP7-2025-2260
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)\n- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)\n- CVE-2025-49795: Fixed a null pointer dereference which could lead to denial of service. (bsc#1244555)\n- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)\n- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2260,SUSE-SLE-Module-Basesystem-15-SP7-2025-2260,SUSE-SLE-Module-Python3-15-SP7-2025-2260",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02260-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02260-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502260-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02260-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040658.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244554",
"url": "https://bugzilla.suse.com/1244554"
},
{
"category": "self",
"summary": "SUSE Bug 1244555",
"url": "https://bugzilla.suse.com/1244555"
},
{
"category": "self",
"summary": "SUSE Bug 1244557",
"url": "https://bugzilla.suse.com/1244557"
},
{
"category": "self",
"summary": "SUSE Bug 1244590",
"url": "https://bugzilla.suse.com/1244590"
},
{
"category": "self",
"summary": "SUSE Bug 1244700",
"url": "https://bugzilla.suse.com/1244700"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6170 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6170/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-07-09T17:04:33Z",
"generator": {
"date": "2025-07-09T17:04:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02260-1",
"initial_release_date": "2025-07-09T17:04:33Z",
"revision_history": [
{
"date": "2025-07-09T17:04:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.12.10-150700.4.3.1.aarch64",
"product": {
"name": "libxml2-2-2.12.10-150700.4.3.1.aarch64",
"product_id": "libxml2-2-2.12.10-150700.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"product": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"product_id": "libxml2-devel-2.12.10-150700.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"product": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"product_id": "libxml2-tools-2.12.10-150700.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"product": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"product_id": "python3-libxml2-2.12.10-150700.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"product": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"product_id": "python311-libxml2-2.12.10-150700.4.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.12.10-150700.4.3.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.12.10-150700.4.3.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.12.10-150700.4.3.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.12.10-150700.4.3.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.12.10-150700.4.3.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.12.10-150700.4.3.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.12.10-150700.4.3.1.i586",
"product": {
"name": "libxml2-2-2.12.10-150700.4.3.1.i586",
"product_id": "libxml2-2-2.12.10-150700.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.12.10-150700.4.3.1.i586",
"product": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.i586",
"product_id": "libxml2-devel-2.12.10-150700.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.12.10-150700.4.3.1.i586",
"product": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.i586",
"product_id": "libxml2-tools-2.12.10-150700.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.12.10-150700.4.3.1.i586",
"product": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.i586",
"product_id": "python3-libxml2-2.12.10-150700.4.3.1.i586"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.12.10-150700.4.3.1.i586",
"product": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.i586",
"product_id": "python311-libxml2-2.12.10-150700.4.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.12.10-150700.4.3.1.noarch",
"product": {
"name": "libxml2-doc-2.12.10-150700.4.3.1.noarch",
"product_id": "libxml2-doc-2.12.10-150700.4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"product": {
"name": "libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"product_id": "libxml2-2-2.12.10-150700.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"product": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"product_id": "libxml2-devel-2.12.10-150700.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"product": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"product_id": "libxml2-tools-2.12.10-150700.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"product": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"product_id": "python3-libxml2-2.12.10-150700.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"product": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"product_id": "python311-libxml2-2.12.10-150700.4.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.12.10-150700.4.3.1.s390x",
"product": {
"name": "libxml2-2-2.12.10-150700.4.3.1.s390x",
"product_id": "libxml2-2-2.12.10-150700.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.12.10-150700.4.3.1.s390x",
"product": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.s390x",
"product_id": "libxml2-devel-2.12.10-150700.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.12.10-150700.4.3.1.s390x",
"product": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.s390x",
"product_id": "libxml2-tools-2.12.10-150700.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.12.10-150700.4.3.1.s390x",
"product": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.s390x",
"product_id": "python3-libxml2-2.12.10-150700.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.12.10-150700.4.3.1.s390x",
"product": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.s390x",
"product_id": "python311-libxml2-2.12.10-150700.4.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "libxml2-2-2.12.10-150700.4.3.1.x86_64",
"product_id": "libxml2-2-2.12.10-150700.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"product_id": "libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"product_id": "libxml2-devel-2.12.10-150700.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.12.10-150700.4.3.1.x86_64",
"product_id": "libxml2-devel-32bit-2.12.10-150700.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"product_id": "libxml2-tools-2.12.10-150700.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"product_id": "python3-libxml2-2.12.10-150700.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.12.10-150700.4.3.1.x86_64",
"product": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.x86_64",
"product_id": "python311-libxml2-2.12.10-150700.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.12.10-150700.4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64"
},
"product_reference": "libxml2-2-2.12.10-150700.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.12.10-150700.4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le"
},
"product_reference": "libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.12.10-150700.4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x"
},
"product_reference": "libxml2-2-2.12.10-150700.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.12.10-150700.4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64"
},
"product_reference": "libxml2-2-2.12.10-150700.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64"
},
"product_reference": "libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le"
},
"product_reference": "libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x"
},
"product_reference": "libxml2-devel-2.12.10-150700.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.12.10-150700.4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64"
},
"product_reference": "libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64"
},
"product_reference": "libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le"
},
"product_reference": "libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x"
},
"product_reference": "libxml2-tools-2.12.10-150700.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.12.10-150700.4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64"
},
"product_reference": "libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64"
},
"product_reference": "python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le"
},
"product_reference": "python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x"
},
"product_reference": "python3-libxml2-2.12.10-150700.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.12.10-150700.4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64"
},
"product_reference": "python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.aarch64 as component of SUSE Linux Enterprise Module for Python 3 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64"
},
"product_reference": "python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.ppc64le as component of SUSE Linux Enterprise Module for Python 3 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le"
},
"product_reference": "python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.s390x as component of SUSE Linux Enterprise Module for Python 3 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x"
},
"product_reference": "python311-libxml2-2.12.10-150700.4.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.12.10-150700.4.3.1.x86_64 as component of SUSE Linux Enterprise Module for Python 3 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
},
"product_reference": "python311-libxml2-2.12.10-150700.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49794"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49794",
"url": "https://www.suse.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "SUSE Bug 1244554 for CVE-2025-49794",
"url": "https://bugzilla.suse.com/1244554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-09T17:04:33Z",
"details": "important"
}
],
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49795"
}
],
"notes": [
{
"category": "general",
"text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49795",
"url": "https://www.suse.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "SUSE Bug 1244555 for CVE-2025-49795",
"url": "https://bugzilla.suse.com/1244555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-09T17:04:33Z",
"details": "important"
}
],
"title": "CVE-2025-49795"
},
{
"cve": "CVE-2025-49796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49796"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49796",
"url": "https://www.suse.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "SUSE Bug 1244557 for CVE-2025-49796",
"url": "https://bugzilla.suse.com/1244557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-09T17:04:33Z",
"details": "important"
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6021"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6021",
"url": "https://www.suse.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "SUSE Bug 1244580 for CVE-2025-6021",
"url": "https://bugzilla.suse.com/1244580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-09T17:04:33Z",
"details": "important"
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6170"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6170",
"url": "https://www.suse.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "SUSE Bug 1244700 for CVE-2025-6170",
"url": "https://bugzilla.suse.com/1244700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-2-32bit-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-devel-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libxml2-tools-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:python3-libxml2-2.12.10-150700.4.3.1.x86_64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.aarch64",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.ppc64le",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.s390x",
"SUSE Linux Enterprise Module for Python 3 15 SP7:python311-libxml2-2.12.10-150700.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-09T17:04:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-6170"
}
]
}
suse-su-2025:02275-1
Vulnerability from csaf_suse
Published
2025-07-10 14:34
Modified
2025-07-10 14:34
Summary
Security update for libxml2
Notes
Title of the patch
Security update for libxml2
Description of the patch
This update for libxml2 fixes the following issues:
- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)
- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)
- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)
- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)
Patchnames
SUSE-2025-2275,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2275,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2275,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2275,SUSE-SUSE-MicroOS-5.1-2025-2275,SUSE-SUSE-MicroOS-5.2-2025-2275,SUSE-Storage-7.1-2025-2275,openSUSE-SLE-15.6-2025-2275
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)\n- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)\n- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)\n- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2275,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2275,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2275,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2275,SUSE-SUSE-MicroOS-5.1-2025-2275,SUSE-SUSE-MicroOS-5.2-2025-2275,SUSE-Storage-7.1-2025-2275,openSUSE-SLE-15.6-2025-2275",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02275-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02275-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502275-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02275-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040677.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244554",
"url": "https://bugzilla.suse.com/1244554"
},
{
"category": "self",
"summary": "SUSE Bug 1244557",
"url": "https://bugzilla.suse.com/1244557"
},
{
"category": "self",
"summary": "SUSE Bug 1244590",
"url": "https://bugzilla.suse.com/1244590"
},
{
"category": "self",
"summary": "SUSE Bug 1244700",
"url": "https://bugzilla.suse.com/1244700"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6170 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6170/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-07-10T14:34:07Z",
"generator": {
"date": "2025-07-10T14:34:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02275-1",
"initial_release_date": "2025-07-10T14:34:07Z",
"revision_history": [
{
"date": "2025-07-10T14:34:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"product": {
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"product_id": "libxml2-2-2.9.7-150000.3.82.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"product_id": "libxml2-devel-2.9.7-150000.3.82.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"product_id": "libxml2-tools-2.9.7-150000.3.82.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"product_id": "python2-libxml2-python-2.9.7-150000.3.82.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"product_id": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.9.7-150000.3.82.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.9.7-150000.3.82.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.9.7-150000.3.82.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.9.7-150000.3.82.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.9.7-150000.3.82.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.9.7-150000.3.82.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.82.1.i586",
"product": {
"name": "libxml2-2-2.9.7-150000.3.82.1.i586",
"product_id": "libxml2-2-2.9.7-150000.3.82.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.82.1.i586",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.i586",
"product_id": "libxml2-devel-2.9.7-150000.3.82.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.82.1.i586",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.i586",
"product_id": "libxml2-tools-2.9.7-150000.3.82.1.i586"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.i586",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.i586",
"product_id": "python2-libxml2-python-2.9.7-150000.3.82.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.i586",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.i586",
"product_id": "python3-libxml2-python-2.9.7-150000.3.82.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.9.7-150000.3.82.1.noarch",
"product": {
"name": "libxml2-doc-2.9.7-150000.3.82.1.noarch",
"product_id": "libxml2-doc-2.9.7-150000.3.82.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"product": {
"name": "libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"product_id": "libxml2-2-2.9.7-150000.3.82.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"product_id": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"product_id": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"product_id": "python2-libxml2-python-2.9.7-150000.3.82.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"product_id": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.82.1.s390x",
"product": {
"name": "libxml2-2-2.9.7-150000.3.82.1.s390x",
"product_id": "libxml2-2-2.9.7-150000.3.82.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.82.1.s390x",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.s390x",
"product_id": "libxml2-devel-2.9.7-150000.3.82.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.82.1.s390x",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.s390x",
"product_id": "libxml2-tools-2.9.7-150000.3.82.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.s390x",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.s390x",
"product_id": "python2-libxml2-python-2.9.7-150000.3.82.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"product_id": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"product_id": "libxml2-2-2.9.7-150000.3.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"product_id": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"product_id": "libxml2-devel-2.9.7-150000.3.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.9.7-150000.3.82.1.x86_64",
"product_id": "libxml2-devel-32bit-2.9.7-150000.3.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"product_id": "libxml2-tools-2.9.7-150000.3.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "python2-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"product_id": "python2-libxml2-python-2.9.7-150000.3.82.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"product": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"product_id": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.7-150000.3.82.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.7-150000.3.82.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.7-150000.3.82.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
},
"product_reference": "python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49794"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49794",
"url": "https://www.suse.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "SUSE Bug 1244554 for CVE-2025-49794",
"url": "https://bugzilla.suse.com/1244554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-10T14:34:07Z",
"details": "important"
}
],
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49796"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49796",
"url": "https://www.suse.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "SUSE Bug 1244557 for CVE-2025-49796",
"url": "https://bugzilla.suse.com/1244557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-10T14:34:07Z",
"details": "important"
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6021"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6021",
"url": "https://www.suse.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "SUSE Bug 1244580 for CVE-2025-6021",
"url": "https://bugzilla.suse.com/1244580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-10T14:34:07Z",
"details": "important"
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6170"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6170",
"url": "https://www.suse.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "SUSE Bug 1244700 for CVE-2025-6170",
"url": "https://bugzilla.suse.com/1244700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Enterprise Storage 7.1:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Micro 5.2:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-2-32bit-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-devel-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libxml2-tools-2.9.7-150000.3.82.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.aarch64",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.ppc64le",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.s390x",
"openSUSE Leap 15.6:python3-libxml2-python-2.9.7-150000.3.82.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-10T14:34:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-6170"
}
]
}
suse-su-2025:02355-1
Vulnerability from csaf_suse
Published
2025-07-17 13:02
Modified
2025-07-17 13:02
Summary
Security update for libxml2
Notes
Title of the patch
Security update for libxml2
Description of the patch
This update for libxml2 fixes the following issues:
- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)
- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)
- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)
- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)
Patchnames
SUSE-2025-2355,SUSE-SLE-Micro-5.3-2025-2355,SUSE-SLE-Micro-5.4-2025-2355,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2355,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2355,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2355,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2355,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2355,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2355
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libxml2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libxml2 fixes the following issues:\n\n- CVE-2025-49794: Fixed a heap use after free which could lead to denial of service. (bsc#1244554)\n- CVE-2025-49796: Fixed type confusion which could lead to denial of service. (bsc#1244557)\n- CVE-2025-6170: Fixed a stack buffer overflow which could lead to a crash. (bsc#1244700)\n- CVE-2025-6021: Fixed an integer overflow in xmlBuildQName() which could lead to stack buffer overflow. (bsc#1244590)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2355,SUSE-SLE-Micro-5.3-2025-2355,SUSE-SLE-Micro-5.4-2025-2355,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2355,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2355,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2355,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2355,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-2355,SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-2355",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02355-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02355-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502355-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02355-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-July/040759.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244554",
"url": "https://bugzilla.suse.com/1244554"
},
{
"category": "self",
"summary": "SUSE Bug 1244557",
"url": "https://bugzilla.suse.com/1244557"
},
{
"category": "self",
"summary": "SUSE Bug 1244590",
"url": "https://bugzilla.suse.com/1244590"
},
{
"category": "self",
"summary": "SUSE Bug 1244700",
"url": "https://bugzilla.suse.com/1244700"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-49796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-49796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6170 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6170/"
}
],
"title": "Security update for libxml2",
"tracking": {
"current_release_date": "2025-07-17T13:02:49Z",
"generator": {
"date": "2025-07-17T13:02:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02355-1",
"initial_release_date": "2025-07-17T13:02:49Z",
"revision_history": [
{
"date": "2025-07-17T13:02:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"product": {
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"product_id": "libxml2-2-2.9.14-150400.5.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"product_id": "libxml2-devel-2.9.14-150400.5.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"product_id": "libxml2-tools-2.9.14-150400.5.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"product_id": "python3-libxml2-2.9.14-150400.5.44.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"product_id": "python311-libxml2-2.9.14-150400.5.44.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-64bit-2.9.14-150400.5.44.1.aarch64_ilp32",
"product": {
"name": "libxml2-2-64bit-2.9.14-150400.5.44.1.aarch64_ilp32",
"product_id": "libxml2-2-64bit-2.9.14-150400.5.44.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libxml2-devel-64bit-2.9.14-150400.5.44.1.aarch64_ilp32",
"product": {
"name": "libxml2-devel-64bit-2.9.14-150400.5.44.1.aarch64_ilp32",
"product_id": "libxml2-devel-64bit-2.9.14-150400.5.44.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.44.1.i586",
"product": {
"name": "libxml2-2-2.9.14-150400.5.44.1.i586",
"product_id": "libxml2-2-2.9.14-150400.5.44.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.44.1.i586",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.i586",
"product_id": "libxml2-devel-2.9.14-150400.5.44.1.i586"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.44.1.i586",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.i586",
"product_id": "libxml2-tools-2.9.14-150400.5.44.1.i586"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.44.1.i586",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.i586",
"product_id": "python3-libxml2-2.9.14-150400.5.44.1.i586"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.44.1.i586",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.i586",
"product_id": "python311-libxml2-2.9.14-150400.5.44.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-doc-2.9.14-150400.5.44.1.noarch",
"product": {
"name": "libxml2-doc-2.9.14-150400.5.44.1.noarch",
"product_id": "libxml2-doc-2.9.14-150400.5.44.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"product": {
"name": "libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"product_id": "libxml2-2-2.9.14-150400.5.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"product_id": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"product_id": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"product_id": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"product_id": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.44.1.s390x",
"product": {
"name": "libxml2-2-2.9.14-150400.5.44.1.s390x",
"product_id": "libxml2-2-2.9.14-150400.5.44.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.44.1.s390x",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.s390x",
"product_id": "libxml2-devel-2.9.14-150400.5.44.1.s390x"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.44.1.s390x",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.s390x",
"product_id": "libxml2-tools-2.9.14-150400.5.44.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.44.1.s390x",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.s390x",
"product_id": "python3-libxml2-2.9.14-150400.5.44.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.44.1.s390x",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.s390x",
"product_id": "python311-libxml2-2.9.14-150400.5.44.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"product_id": "libxml2-2-2.9.14-150400.5.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"product_id": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"product_id": "libxml2-devel-2.9.14-150400.5.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-devel-32bit-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "libxml2-devel-32bit-2.9.14-150400.5.44.1.x86_64",
"product_id": "libxml2-devel-32bit-2.9.14-150400.5.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"product_id": "libxml2-tools-2.9.14-150400.5.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"product_id": "python3-libxml2-2.9.14-150400.5.44.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"product": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"product_id": "python311-libxml2-2.9.14-150400.5.44.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Proxy 4.3",
"product_id": "SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-devel-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libxml2-tools-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.s390x as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-libxml2-2.9.14-150400.5.44.1.x86_64 as component of SUSE Manager Server 4.3",
"product_id": "SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
},
"product_reference": "python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49794"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49794",
"url": "https://www.suse.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "SUSE Bug 1244554 for CVE-2025-49794",
"url": "https://bugzilla.suse.com/1244554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-17T13:02:49Z",
"details": "important"
}
],
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-49796"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-49796",
"url": "https://www.suse.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "SUSE Bug 1244557 for CVE-2025-49796",
"url": "https://bugzilla.suse.com/1244557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-17T13:02:49Z",
"details": "important"
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6021"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6021",
"url": "https://www.suse.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "SUSE Bug 1244580 for CVE-2025-6021",
"url": "https://bugzilla.suse.com/1244580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-17T13:02:49Z",
"details": "important"
}
],
"title": "CVE-2025-6021"
},
{
"cve": "CVE-2025-6170",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6170"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6170",
"url": "https://www.suse.com/security/cve/CVE-2025-6170"
},
{
"category": "external",
"summary": "SUSE Bug 1244700 for CVE-2025-6170",
"url": "https://bugzilla.suse.com/1244700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Micro 5.4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Proxy 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-2-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-2-32bit-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-devel-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:libxml2-tools-2.9.14-150400.5.44.1.x86_64",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.ppc64le",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.s390x",
"SUSE Manager Server 4.3:python3-libxml2-2.9.14-150400.5.44.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-07-17T13:02:49Z",
"details": "moderate"
}
],
"title": "CVE-2025-6170"
}
]
}
fkie_cve-2025-49796
Vulnerability from fkie_nvd
Published
2025-06-16 16:15
Modified
2025-08-07 09:15
Severity ?
Summary
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10630 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10698 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:10699 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:11580 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12098 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12099 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12199 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12237 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12239 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12240 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:12241 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:13267 | ||
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2025:13335 | ||
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2025-49796 | ||
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2372385 |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en libxml2. El procesamiento de ciertos elementos sch:name del archivo XML de entrada puede provocar un problema de corrupci\u00f3n de memoria. Esta falla permite a un atacante manipular un archivo XML de entrada malicioso que puede provocar el bloqueo de libxml, lo que resulta en una denegaci\u00f3n de servicio u otro posible comportamiento indefinido debido a la corrupci\u00f3n de datos confidenciales en la memoria."
}
],
"id": "CVE-2025-49796",
"lastModified": "2025-08-07T09:15:27.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2025-06-16T16:15:19.370",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:13267"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2025:13335"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
}
wid-sec-w-2025-1312
Vulnerability from csaf_certbund
Published
2025-06-11 22:00
Modified
2025-08-06 22:00
Summary
libxml2: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
libxml ist ein C Parser und Toolkit, welches für das Gnome Projekt entwickelt wurde.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libxml2 ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht näher beschriebene Auswirkungen zu erzielen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "libxml ist ein C Parser und Toolkit, welches f\u00fcr das Gnome Projekt entwickelt wurde.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libxml2 ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren oder nicht n\u00e4her beschriebene Auswirkungen zu erzielen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1312 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1312.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1312 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1312"
},
{
"category": "external",
"summary": "GNOME Security vom 2025-06-11",
"url": "https://gitlab.gnome.org/Teams/Releng/security/-/wikis/2025"
},
{
"category": "external",
"summary": "GNOME GitLab Issue 926 vom 2025-06-11",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926"
},
{
"category": "external",
"summary": "GNOME GitLab Issue 931 vom 2025-06-11",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/931"
},
{
"category": "external",
"summary": "GNOME GitLab Issue 932 vom 2025-06-11",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/932"
},
{
"category": "external",
"summary": "GNOME GitLab Issue 933 vom 2025-06-11",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/933"
},
{
"category": "external",
"summary": "Arch Linux Security Advisory ASA-202506-7 vom 2025-06-19",
"url": "https://security.archlinux.org/ASA-202506-7"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2893 vom 2025-06-24",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2893.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2893 vom 2025-06-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2893.html"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2025-13 vom 2025-06-30",
"url": "https://de.tenable.com/security/tns-2025-13"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10630 vom 2025-07-08",
"url": "https://access.redhat.com/errata/RHSA-2025:10630"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15321-1 vom 2025-07-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6ENYT3VR7R5DYMOUMVW7VUSFZWAHIP53/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02260-1 vom 2025-07-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021778.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10698 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10698"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10699 vom 2025-07-09",
"url": "https://access.redhat.com/errata/RHSA-2025:10699"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10630 vom 2025-07-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-10630.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10699 vom 2025-07-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-10699.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10698 vom 2025-07-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-10698.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02275-1 vom 2025-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021788.html"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20250711-0009 vom 2025-07-11",
"url": "https://security.netapp.com/advisory/NTAP-20250711-0009"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02294-1 vom 2025-07-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021799.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02314-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021818.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7239960 vom 2025-07-17",
"url": "https://www.ibm.com/support/pages/node/7239960"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11386 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:11386"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02355-1 vom 2025-07-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021844.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11396 vom 2025-07-18",
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11580 vom 2025-07-23",
"url": "https://access.redhat.com/errata/RHSA-2025:11580"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11673 vom 2025-07-29",
"url": "https://access.redhat.com/errata/RHSA-2025:11673"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12099 vom 2025-07-29",
"url": "https://access.redhat.com/errata/RHSA-2025:12099"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12098 vom 2025-07-29",
"url": "https://access.redhat.com/errata/RHSA-2025:12098"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12199 vom 2025-07-29",
"url": "https://access.redhat.com/errata/RHSA-2025:12199"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12237 vom 2025-07-30",
"url": "https://access.redhat.com/errata/RHSA-2025:12237"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12240 vom 2025-07-30",
"url": "https://access.redhat.com/errata/RHSA-2025:12240"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12241 vom 2025-07-30",
"url": "https://access.redhat.com/errata/RHSA-2025:12241"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12239 vom 2025-07-30",
"url": "https://access.redhat.com/errata/RHSA-2025:12239"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2938 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2938.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-12450 vom 2025-08-01",
"url": "https://linux.oracle.com/errata/ELSA-2025-12450.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-13203 vom 2025-08-07",
"url": "http://linux.oracle.com/errata/ELSA-2025-13203.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241565 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241565"
}
],
"source_lang": "en-US",
"title": "libxml2: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2025-08-06T22:00:00.000+00:00",
"generator": {
"date": "2025-08-07T08:29:27.684+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1312",
"initial_release_date": "2025-06-11T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-06-12T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: 2372385"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Arch Linux aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Amazon und Tenable aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-09T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von openSUSE, SUSE, Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-13T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von NetApp und SUSE aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM, Red Hat und SUSE aufgenommen"
},
{
"date": "2025-07-20T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-22T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux und IBM aufgenommen"
}
],
"status": "final",
"version": "18"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.3",
"product": {
"name": "IBM AIX 7.3",
"product_id": "1139691",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.3"
}
}
},
{
"category": "product_version",
"name": "7.2",
"product": {
"name": "IBM AIX 7.2",
"product_id": "434967",
"product_identification_helper": {
"cpe": "cpe:/o:ibm:aix:7.2"
}
}
}
],
"category": "product_name",
"name": "AIX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cLTS 12.0.14",
"product": {
"name": "IBM App Connect Enterprise \u003cLTS 12.0.14",
"product_id": "T045928"
}
},
{
"category": "product_version",
"name": "LTS 12.0.14",
"product": {
"name": "IBM App Connect Enterprise LTS 12.0.14",
"product_id": "T045928-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:lts_12.0.14"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "3.1",
"product": {
"name": "IBM VIOS 3.1",
"product_id": "1039165",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:3.1"
}
}
},
{
"category": "product_version",
"name": "4.1",
"product": {
"name": "IBM VIOS 4.1",
"product_id": "1522854",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:vios:4.1"
}
}
}
],
"category": "product_name",
"name": "VIOS"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "NetApp Data ONTAP 9",
"product_id": "T039981",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:data_ontap:9"
}
}
}
],
"category": "product_name",
"name": "Data ONTAP"
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Arch Linux",
"product": {
"name": "Open Source Arch Linux",
"product_id": "T013312",
"product_identification_helper": {
"cpe": "cpe:/o:archlinux:archlinux:-"
}
}
},
{
"category": "product_name",
"name": "Open Source libxml2",
"product": {
"name": "Open Source libxml2",
"product_id": "T044565",
"product_identification_helper": {
"cpe": "cpe:/a:xmlsoft:libxml2:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform 4.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.10",
"product_id": "T025742",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.10"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.11",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11",
"product_id": "T025990",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.11"
}
}
},
{
"category": "product_version",
"name": "Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "T026435",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_4.12"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.8.5",
"product": {
"name": "Tenable Security Nessus \u003c10.8.5",
"product_id": "T044617"
}
},
{
"category": "product_version",
"name": "10.8.5",
"product": {
"name": "Tenable Security Nessus 10.8.5",
"product_id": "T044617-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:agent__10.8.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.9.0",
"product": {
"name": "Tenable Security Nessus \u003c10.9.0",
"product_id": "T044956"
}
},
{
"category": "product_version",
"name": "10.9.0",
"product": {
"name": "Tenable Security Nessus 10.9.0",
"product_id": "T044956-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.9.0"
}
}
}
],
"category": "product_name",
"name": "Nessus"
}
],
"category": "vendor",
"name": "Tenable Security"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-49794",
"product_status": {
"known_affected": [
"67646",
"434967",
"T013312",
"1039165",
"1522854",
"T044617",
"T045928",
"T004914",
"T039981",
"1139691",
"T044565",
"T002207",
"T044956",
"T027843",
"398363",
"T025742",
"T026435",
"T025990"
]
},
"release_date": "2025-06-11T22:00:00.000+00:00",
"title": "CVE-2025-49794"
},
{
"cve": "CVE-2025-49795",
"product_status": {
"known_affected": [
"67646",
"434967",
"T013312",
"1039165",
"1522854",
"T044617",
"T045928",
"T004914",
"T039981",
"1139691",
"T044565",
"T002207",
"T044956",
"T027843",
"398363",
"T025742",
"T026435",
"T025990"
]
},
"release_date": "2025-06-11T22:00:00.000+00:00",
"title": "CVE-2025-49795"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"67646",
"434967",
"T013312",
"1039165",
"1522854",
"T044617",
"T045928",
"T004914",
"T039981",
"1139691",
"T044565",
"T002207",
"T044956",
"T027843",
"398363",
"T025742",
"T026435",
"T025990"
]
},
"release_date": "2025-06-11T22:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-6021",
"product_status": {
"known_affected": [
"67646",
"434967",
"T013312",
"1039165",
"1522854",
"T044617",
"T045928",
"T004914",
"T039981",
"1139691",
"T044565",
"T002207",
"T044956",
"T027843",
"398363",
"T025742",
"T026435",
"T025990"
]
},
"release_date": "2025-06-11T22:00:00.000+00:00",
"title": "CVE-2025-6021"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…