CNNVD-202506-1904 Information

CNNVD ID

CNNVD-202506-1904

Related CVE

CVE-2025-49794

• CNNVD Published: 2025-06-16

Description (Chinese)

libxml2是GNOME开源的一个用来解析XML文档的函数库。它用C语言写成，并且能为多种语言所调用，例如C语言，C++，XSH。 libxml2存在安全漏洞，该漏洞源于解析XPath元素时存在释放后重用问题，可能导致程序崩溃或未定义行为。

Description (English)

libxml2 is a function library for the analysis of XML documents from an open source of GNOME. It is written in C and can be called in many languages, such as C, C++, XSH. There is a security loophole in libxml2, which stems from the problem of re-use after release when the XPath element is deconstructed, which could lead to a process collapse or undefined behaviour.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

GNOME

Published

2025-06-16

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-49794 https://bugzilla.redhat.com/show_bug.cgi?id=2372373 https://vigilance.fr/vulnerability/libxml2-use-after-free-via-xmlSchematronGetNode-47444