CVE
CVE-2025-24928
| CVE ID |
CVE-2025-24928
|
|---|---|
| CVSS Score |
7.8
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
libxml2-2.9.1-6_ol002.el7.6
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary :
A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD. This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c.
Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.