CVE-2025-6021

Medienbericht

Exploit

EPSS 0.58%
Veröffentlicht 12.06.2025 12:49:16
Zuletzt bearbeitet 29.11.2025 01:16:03
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 30

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Xmlsoft ≫ Libxml2 Version < 2.14.4

Redhat ≫ Jboss Core Services Version-

Redhat ≫ Openshift Container Platform Version4.12

Redhat ≫ Openshift Container Platform Version4.13

Redhat ≫ Openshift Container Platform Version4.14

Redhat ≫ Openshift Container Platform Version4.15

Redhat ≫ Openshift Container Platform Version4.16

Redhat ≫ Openshift Container Platform Version4.17

Redhat ≫ Openshift Container Platform Version4.18

Redhat ≫ Openshift Container Platform For Arm64 Version4.13

Redhat ≫ Openshift Container Platform For Arm64 Version4.14

Redhat ≫ Openshift Container Platform For Arm64 Version4.15

Redhat ≫ Openshift Container Platform For Arm64 Version4.16

Redhat ≫ Openshift Container Platform For Arm64 Version4.17

Redhat ≫ Openshift Container Platform For Arm64 Version4.18

Redhat ≫ Openshift Container Platform For Ibm Z Version4.13

Redhat ≫ Openshift Container Platform For Ibm Z Version4.14

Redhat ≫ Openshift Container Platform For Ibm Z Version4.15

Redhat ≫ Openshift Container Platform For Ibm Z Version4.16

Redhat ≫ Openshift Container Platform For Ibm Z Version4.17

Redhat ≫ Openshift Container Platform For Ibm Z Version4.18

Redhat ≫ Openshift Container Platform For Linuxone Version4.13

Redhat ≫ Openshift Container Platform For Linuxone Version4.14

Redhat ≫ Openshift Container Platform For Linuxone Version4.15

Redhat ≫ Openshift Container Platform For Linuxone Version4.16

Redhat ≫ Openshift Container Platform For Linuxone Version4.17

Redhat ≫ Openshift Container Platform For Linuxone Version4.18

Redhat ≫ Openshift Container Platform For Power Version4.13

Redhat ≫ Openshift Container Platform For Power Version4.14

Redhat ≫ Openshift Container Platform For Power Version4.15

Redhat ≫ Openshift Container Platform For Power Version4.16

Redhat ≫ Openshift Container Platform For Power Version4.17

Redhat ≫ Openshift Container Platform For Power Version4.18

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Enterprise Linux Version9.0

Redhat ≫ Enterprise Linux Version10.0

Redhat ≫ Enterprise Linux Eus Version8.4

Redhat ≫ Enterprise Linux Eus Version8.6

Redhat ≫ Enterprise Linux Eus Version8.8

Redhat ≫ Enterprise Linux Eus Version9.4

Redhat ≫ Enterprise Linux Eus Version9.6

Redhat ≫ Enterprise Linux Eus Version10.0

Redhat ≫ Enterprise Linux For Arm 64 Version8.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Version9.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Version9.4_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Version10.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.4_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.6_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version10.0_aarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version8.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version10.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.6_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version10.0_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version8.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Version9.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Version10.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.4_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.6_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version10.0_ppc64le

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version8.2

Redhat ≫ Enterprise Linux Server Aus Version8.4

Redhat ≫ Enterprise Linux Server Aus Version8.6

Redhat ≫ Enterprise Linux Server Aus Version9.2

Redhat ≫ Enterprise Linux Server Aus Version9.4

Redhat ≫ Enterprise Linux Server Aus Version9.6

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.4_ppc64le

Redhat ≫ Enterprise Linux Server Tus Version8.8

Redhat ≫ In-vehicle Operating System Version1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.58%	0.681

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.heise.de/news/Sicherheitsluecken-Tenable-Nessus-Angreifer-koennen-Sytstemdaten-ueberschreiben-10467111.html

Medienbericht

heise Security

https://access.redhat.com/security/cve/CVE-2025-6021

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2372406

Issue Tracking

https://access.redhat.com/errata/RHSA-2025:10630

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:10698