CVE-2025-49795

ADVISORY - nist

Summary

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

EPSS Score⁠: 0.00154 (0.364)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-825⁠

Expired Pointer Dereference

ADVISORY - redhat

CWE-825⁠

Expired Pointer Dereference

Impacted images

Advisories

Alpine

CREATED

5 months ago

UPDATED

8 days ago

ADVISORY IDCVE-2025-49795⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
alpine/libxml2	apk	alpine	3.21	<2.13.9-r0	2.13.9-r0
alpine/libxml2	apk	alpine	3.24	<2.13.9-r0	2.13.9-r0
alpine/libxml2	apk	alpine	3.22	<2.13.9-r0	2.13.9-r0
alpine/libxml2	apk	alpine	edge	<2.13.9-r0	2.13.9-r0
alpine/libxml2	apk	alpine	3.23	<2.13.9-r0	2.13.9-r0

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

8 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2025-49795⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-825⁠

CVSS SCORE

7.5high

Debian

CREATED

8 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-49795⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

8 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2025-49795⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

7 months ago

UPDATED

6 months ago

ADVISORY IDALAS2023-2025-1103⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

8 months ago

UPDATED

1 month ago

ADVISORY IDCVE-2025-49795⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-825⁠

CVSS SCORE

7.5high

Rocky

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDRLSA-2025:10630⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY IDELSA-2025-10630⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Photon

CREATED

7 months ago

UPDATED

3 months ago

ADVISORY ID

CVE-2025-49795

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high