CVE
CVE-2025-49794
| CVE ID |
CVE-2025-49794
|
|---|---|
| CVSS Score |
9.1
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
libxml2-2.9.7-9_ol005.el8.2
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.