CVE-2025-49794

Published: Jun 16, 2025

Modified: Jun 3, 2026

PUBLISHED

CVSS v3.1

9.1

CRITICAL

Description

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

Vendor	Product	Versions
Unknown	libxml2	affected `0 - < 2.15.0`
Red Hat	Red Hat Enterprise Linux 10	unaffected `0:2.12.5-7.el10_0 - < *`
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	unaffected `0:2.9.1-6.el7_9.10 - < *`
Red Hat	Red Hat Enterprise Linux 8	unaffected `0:2.9.7-21.el8_10.1 - < *`
Red Hat	Red Hat Enterprise Linux 8	unaffected `0:2.9.7-21.el8_10.1 - < *`
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	unaffected `0:2.9.7-9.el8_2.3 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	unaffected `0:2.9.7-9.el8_4.6 - < *`
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	unaffected `0:2.9.7-9.el8_4.6 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	unaffected `0:2.9.7-13.el8_6.10 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	unaffected `0:2.9.7-13.el8_6.10 - < *`
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	unaffected `0:2.9.7-13.el8_6.10 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	unaffected `0:2.9.7-16.el8_8.9 - < *`
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	unaffected `0:2.9.7-16.el8_8.9 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:2.9.13-10.el9_6 - < *`
Red Hat	Red Hat Enterprise Linux 9	unaffected `0:2.9.13-10.el9_6 - < *`
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	unaffected `0:2.9.13-1.el9_0.5 - < *`
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	unaffected `0:2.9.13-3.el9_2.7 - < *`
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	unaffected `0:2.9.13-10.el9_4 - < *`
Red Hat	Red Hat JBoss Core Services 2.4.62.SP2	All versions
Red Hat	Red Hat OpenShift Container Platform 4.12	unaffected `412.86.202510291903-0 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.13	unaffected `413.92.202510150118-0 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.14	unaffected `414.92.202510211419-0 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.17	unaffected `417.94.202510112152-0 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.18	unaffected `418.94.202510230424-0 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.19	unaffected `4.19.9.6.202510140714-0 - < *`
Red Hat	Red Hat OpenShift Container Platform 4.20	unaffected `4.20.9.6.202509251656-0 - < *`
Red Hat	Red Hat Web Terminal 1.11 on RHEL 9	unaffected `1.11-19 - < *`
Red Hat	Red Hat Web Terminal 1.11 on RHEL 9	unaffected `1.11-8 - < *`
Red Hat	Red Hat Web Terminal 1.12 on RHEL 9	unaffected `1.12-4 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-11 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-11 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-11 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-10 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-10 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-4 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-9 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-12 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-18 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-11 - < *`
Red Hat	RHOSS-1.36-RHEL-8	unaffected `1.36.0-7 - < *`
Red Hat	cert-manager operator for Red Hat OpenShift 1.16	unaffected `v1.16.5-1760515757 - < *`
Red Hat	OpenShift File Integrity Operator - FIO 1	unaffected `v1.3 - < *`
Red Hat	Red Hat Hardened Images	unaffected `2.15.2-0.3.hum1 - < *`
Red Hat	Red Hat Insights proxy 1.5	unaffected `1.5.5-1754504343 - < *`
Red Hat	Red Hat Enterprise Linux 6	All versions