Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
There's no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.
Mon, 15 Sep 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:webterminal:1.12::el9 | |
References |
|
Mon, 15 Sep 2025 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat webterminal
|
|
CPEs | cpe:/a:redhat:webterminal:1.11::el9 | |
Vendors & Products |
Redhat webterminal
|
|
References |
|
Tue, 02 Sep 2025 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat openshift
|
|
CPEs | cpe:/a:redhat:openshift:4 | |
Vendors & Products |
Redhat openshift
|
Thu, 07 Aug 2025 09:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat insights Proxy
|
|
CPEs | cpe:/a:redhat:insights_proxy:1.5::el9 | |
Vendors & Products |
Redhat insights Proxy
|
|
References |
|
Wed, 30 Jul 2025 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/o:redhat:rhel_aus:8.2::baseos |
|
References |
|
Wed, 30 Jul 2025 07:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Els
|
|
CPEs | cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/o:redhat:rhel_e4s:8.8::baseos cpe:/o:redhat:rhel_els:7 cpe:/o:redhat:rhel_tus:8.8::baseos |
|
Vendors & Products |
Redhat rhel Els
|
|
References |
|
Wed, 30 Jul 2025 07:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus Long Life
|
|
CPEs | cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/o:redhat:rhel_aus:8.4::baseos cpe:/o:redhat:rhel_eus_long_life:8.4::baseos |
|
Vendors & Products |
Redhat rhel Eus Long Life
|
|
References |
|
Tue, 29 Jul 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_e4s:9.2::appstream cpe:/o:redhat:rhel_e4s:9.2::baseos |
|
References |
|
Tue, 29 Jul 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_e4s:9.0::appstream cpe:/o:redhat:rhel_e4s:9.0::baseos |
|
References |
|
Tue, 29 Jul 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/o:redhat:rhel_aus:8.6::baseos cpe:/o:redhat:rhel_e4s:8.6::baseos cpe:/o:redhat:rhel_tus:8.6::baseos |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
References |
|
Wed, 23 Jul 2025 07:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos |
|
Vendors & Products |
Redhat rhel Eus
|
|
References |
|
Thu, 10 Jul 2025 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
Wed, 09 Jul 2025 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:9 |
cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:8::baseos cpe:/o:redhat:enterprise_linux:9::baseos |
References |
|
Wed, 09 Jul 2025 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:10.0 | |
References |
|
Mon, 16 Jun 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 16 Jun 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors. |
Title | libxml: Heap use after free (UAF) leads to Denial of service (DoS) | Libxml: heap use after free (uaf) leads to denial of service (dos) |
First Time appeared |
Redhat
Redhat enterprise Linux Redhat jboss Core Services |
|
CPEs | cpe:/a:redhat:jboss_core_services:1 cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat jboss Core Services |
|
References |
|
Thu, 12 Jun 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | libxml: Heap use after free (UAF) leads to Denial of service (DoS) | |
Weaknesses | CWE-825 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|

Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2025-09-15T17:57:48.151Z
Reserved: 2025-06-10T22:17:05.286Z
Link: CVE-2025-49794

Updated: 2025-06-16T15:50:49.909Z

Status : Awaiting Analysis
Published: 2025-06-16T16:15:18.997
Modified: 2025-09-15T18:15:38.410
Link: CVE-2025-49794


No data.