CVE-2025-32414

ADVISORY - nist

Summary

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.

EPSS Score⁠: 0.00058 (0.185)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-252⁠

Unchecked Return Value

CWE-393⁠

Return of Wrong Status Code

ADVISORY - redhat

CWE-393⁠

Return of Wrong Status Code

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.