ГлавнаяУязвимости → CVE-2025-49796
9.1критическая

CVE-2025-49796

→ есть в БДУ: BDU:2025-08978 (на русском)
Описание (на английском; русское — в БДУ выше)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

CVSS
Балл9.1 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Источники
https://access.redhat.com/errata/RHSA-2025:10630https://access.redhat.com/errata/RHSA-2025:10698https://access.redhat.com/errata/RHSA-2025:10699https://access.redhat.com/errata/RHSA-2025:11580https://access.redhat.com/errata/RHSA-2025:12098https://access.redhat.com/errata/RHSA-2025:12099https://access.redhat.com/errata/RHSA-2025:12199https://access.redhat.com/errata/RHSA-2025:12237