CVE-2025-6021

Medienbericht

Exploit

EPSS 2.12%
Veröffentlicht 12.06.2025 12:49:16
Zuletzt bearbeitet 12.05.2026 13:17:27
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 32

NVD 72 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Xmlsoft ≫ Libxml2 Version < 2.14.4

Redhat ≫ Jboss Core Services Version-

Redhat ≫ Openshift Container Platform Version4.12

Redhat ≫ Openshift Container Platform Version4.13

Redhat ≫ Openshift Container Platform Version4.14

Redhat ≫ Openshift Container Platform Version4.15

Redhat ≫ Openshift Container Platform Version4.16

Redhat ≫ Openshift Container Platform Version4.17

Redhat ≫ Openshift Container Platform Version4.18

Redhat ≫ Openshift Container Platform For Arm64 Version4.13

Redhat ≫ Openshift Container Platform For Arm64 Version4.14

Redhat ≫ Openshift Container Platform For Arm64 Version4.15

Redhat ≫ Openshift Container Platform For Arm64 Version4.16

Redhat ≫ Openshift Container Platform For Arm64 Version4.17

Redhat ≫ Openshift Container Platform For Arm64 Version4.18

Redhat ≫ Openshift Container Platform For Ibm Z Version4.13

Redhat ≫ Openshift Container Platform For Ibm Z Version4.14

Redhat ≫ Openshift Container Platform For Ibm Z Version4.15

Redhat ≫ Openshift Container Platform For Ibm Z Version4.16

Redhat ≫ Openshift Container Platform For Ibm Z Version4.17

Redhat ≫ Openshift Container Platform For Ibm Z Version4.18

Redhat ≫ Openshift Container Platform For Linuxone Version4.13

Redhat ≫ Openshift Container Platform For Linuxone Version4.14

Redhat ≫ Openshift Container Platform For Linuxone Version4.15

Redhat ≫ Openshift Container Platform For Linuxone Version4.16

Redhat ≫ Openshift Container Platform For Linuxone Version4.17

Redhat ≫ Openshift Container Platform For Linuxone Version4.18

Redhat ≫ Openshift Container Platform For Power Version4.13

Redhat ≫ Openshift Container Platform For Power Version4.14

Redhat ≫ Openshift Container Platform For Power Version4.15

Redhat ≫ Openshift Container Platform For Power Version4.16

Redhat ≫ Openshift Container Platform For Power Version4.17

Redhat ≫ Openshift Container Platform For Power Version4.18

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Enterprise Linux Version9.0

Redhat ≫ Enterprise Linux Version10.0

Redhat ≫ Enterprise Linux Eus Version8.4

Redhat ≫ Enterprise Linux Eus Version8.6

Redhat ≫ Enterprise Linux Eus Version8.8

Redhat ≫ Enterprise Linux Eus Version9.4

Redhat ≫ Enterprise Linux Eus Version9.6

Redhat ≫ Enterprise Linux Eus Version10.0

Redhat ≫ Enterprise Linux For Arm 64 Version8.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Version9.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Version9.4_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Version10.0_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.4_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version9.6_aarch64

Redhat ≫ Enterprise Linux For Arm 64 Eus Version10.0_aarch64

Redhat ≫ Enterprise Linux For Ibm Z Systems Version8.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version9.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version10.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version9.6_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version10.0_s390x

Redhat ≫ Enterprise Linux For Power Little Endian Version8.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Version9.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Version10.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.4_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version9.6_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version10.0_ppc64le

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Aus Version8.2

Redhat ≫ Enterprise Linux Server Aus Version8.4

Redhat ≫ Enterprise Linux Server Aus Version8.6

Redhat ≫ Enterprise Linux Server Aus Version9.2

Redhat ≫ Enterprise Linux Server Aus Version9.4

Redhat ≫ Enterprise Linux Server Aus Version9.6

Redhat ≫ Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Version9.4_ppc64le

Redhat ≫ Enterprise Linux Server Tus Version8.8

Redhat ≫ In-vehicle Operating System Version1.0

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.12%	0.841

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
secalert@redhat.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.heise.de/news/Sicherheitsluecken-Tenable-Nessus-Angreifer-koennen-Sytstemdaten-ueberschreiben-10467111.html

Media Report

https://access.redhat.com/security/cve/CVE-2025-6021

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2372406

Issue Tracking

https://access.redhat.com/errata/RHSA-2025:10630

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:10698

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:10699

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:11580

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12098

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12099

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12199

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12239

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12240

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12241

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:12237

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:13267

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:13335

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:13336

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:13325

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:13289

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:14059

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:14396

Third Party Advisory

https://gitlab.gnome.org/GNOME/libxml2/-/issues/926

Vendor Advisory

Exploit

Issue Tracking

https://access.redhat.com/errata/RHSA-2025:15308

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:15672

Third Party Advisory

https://access.redhat.com/errata/RHSA-2025:19020

https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html

https://access.redhat.com/errata/RHSA-2025:11673

https://access.redhat.com/errata/RHSA-2026:7519

https://cert-portal.siemens.com/productcert/html/ssa-032379.html

https://nvd.nist.gov/vuln/detail/CVE-2025-6021

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-6021

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-6021

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-6021