CVE-2025-49794

ADVISORY - nist

Summary

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

EPSS Score⁠: 0.00263 (0.495)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-825⁠

Expired Pointer Dereference

Impacted images

Advisories

NIST

CREATED

6 months ago

UPDATED

24 days ago

ADVISORY IDCVE-2025-49794⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-825⁠

CVSS SCORE

9.1critical

Alpine

CREATED

3 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-49794⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

6 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-49794⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

6 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2025-49794⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDALSA-2025:10698⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDALSA-2025:10699⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDALAS2-2025-2938⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

5 months ago

UPDATED

4 months ago

ADVISORY IDALAS2023-2025-1103⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDRLSA-2025:10630⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDRLSA-2025:10698⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDRLSA-2025:10699⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDELSA-2025-10630⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDELSA-2025-10698⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDELSA-2025-10699⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDELSA-2025-12240⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Photon

CREATED

5 months ago

UPDATED

4 months ago

ADVISORY ID

CVE-2025-49794

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.1critical