CVE-2025-32415

ADVISORY - nist

Summary

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.

EPSS Score⁠: 0.00028 (0.073)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-125⁠

Out-of-bounds Read

CWE-1284⁠

Improper Validation of Specified Quantity in Input

ADVISORY - redhat

CWE-125⁠

Out-of-bounds Read

Impacted images

Advisories

NIST

CREATED

9 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-32415⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠CWE-1284⁠

CVSS SCORE

2.9low

Alpine

CREATED

8 months ago

UPDATED

1 day ago

ADVISORY IDCVE-2025-32415⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

9 months ago

UPDATED

12 days ago

ADVISORY IDCVE-2025-32415⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

9 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-32415⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Alma

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDALSA-2025:13203⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDALSA-2025:13428⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDALAS2-2025-2860⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDALAS2023-2025-963⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

9 months ago

UPDATED

5 days ago

ADVISORY IDCVE-2025-32415⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-125⁠

CVSS SCORE

7.5medium

Rocky

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDRLSA-2025:13203⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:13428⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:13429⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDELSA-2025-13203⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDELSA-2025-13428⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDELSA-2025-13429⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDELSA-2025-13789⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-6ggf-hvvg-jpph

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-c6gr-26m7-5wc7

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

4 days ago

UPDATED

4 days ago

ADVISORY ID

CGA-fj6r-gv9p-52fp

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-h6fq-hfpc-q32m

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-ww46-qf6w-54x3

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Photon

CREATED

9 months ago

UPDATED

4 months ago

ADVISORY ID

CVE-2025-32415

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

minimos

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

MINI-q3cr-qxp3-7xqh

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY