CNNVD-202512-4813 Information

CNNVD ID

CNNVD-202512-4813

Related CVE

CVE-2025-25341

• CNNVD Published: 2025-12-26

Description (Chinese)

libxmljs是libxmljs开源的node.js的 LibXML 绑定。 libxmljs 1.0.11版本存在安全漏洞，该漏洞源于解析特制XML文档时访问entity_ref和entity_decl节点的内部_ref属性可能导致分段错误，可能导致拒绝服务。

Description (English)

Libxmljs is a LibXML binding of node.js from libxmljs open source. libxmljs Version 1.0.11 contains a security loophole that stems from access to the intity ref and entity decl node internal ref properties during the analysis of the XML file may result in a break-in error and a denial of service.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

libxmljs

Published

2025-12-26

Last Modified

2026-02-24

References

https://github.com/libxmljs/libxmljs/issues/667 https://access.redhat.com/security/cve/cve-2025-25341