CVE-2025-49796

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-49796

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-49796.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-49796

Downstream

ALPINE-CVE-2025-49796

BELL-CVE-2025-49796

DEBIAN-CVE-2025-49796

DLA-4251-1

ECHO-2f9b-2b25-b4f7

OESA-2025-1768

OESA-2025-1769

OESA-2025-1770

OESA-2025-1898

OESA-2025-1899

OESA-2025-1900

RHSA-2025:10630

RHSA-2025:10698

RHSA-2025:10699

RHSA-2025:11580

RHSA-2025:12098

RHSA-2025:12099

RHSA-2025:12199

RHSA-2025:12237

RHSA-2025:12239

RHSA-2025:12240

RHSA-2025:12241

RLSA-2025:10630

RLSA-2025:10698

RLSA-2025:10699

SUSE-SU-2025:02260-1

SUSE-SU-2025:02294-1

UBUNTU-CVE-2025-49796

USN-7694-1

Related

Published

2025-06-16T16:15:19Z

Modified

2025-09-15T18:15:38Z

Summary

[none]

Details

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

References

Affected packages