CVE-2025-6021

Name
CVE-2025-6021
Description
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
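The description names the bug class (an int-width size calculation that wraps before it is compared against a caller-supplied buffer) but not the shape of the arithmetic. The following C is an added illustration, not libxml2's own code: `build_qname` follows the contract of the public `xmlBuildQName(ncname, prefix, memory, len)` API (join `prefix` and `ncname` into `memory` when `len` bytes suffice, else allocate), `naive_fits` reproduces the kind of wrapping check the advisory describes, and `qname_size`/`safe_fits` show the overflow-safe form. All four function names and the sample lengths are assumptions made for this example.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Flawed check, in the shape the description implies: the two lengths are
 * added as 32-bit ints. Once lenn + lenp + 2 exceeds INT_MAX the sum wraps
 * negative, "len < needed" is false, and a small caller-supplied buffer is
 * accepted as large enough. The wrap is spelled out with uint32_t so this
 * demo is deterministic (signed overflow itself is undefined behaviour).
 * Returns 1 when the check (wrongly) says `memory` of size len suffices.
 */
static int naive_fits(int len, size_t lenn, size_t lenp) {
    uint32_t sum = (uint32_t)lenn + (uint32_t)lenp + 2u;
    int needed = (int)sum;   /* negative after the wrap */
    return len >= needed;
}

/*
 * Hardened size computation: bound each operand before adding so no
 * intermediate can wrap, and cap the total at INT_MAX because the API's
 * `len` parameter is an int. Returns 1 and stores the byte count for
 * "prefix:ncname\0" in *needed, or 0 when the total is not representable.
 */
static int qname_size(size_t lenn, size_t lenp, size_t *needed) {
    if (lenn > (size_t)INT_MAX - 2 || lenp > (size_t)INT_MAX - 2 - lenn)
        return 0;
    *needed = lenn + lenp + 2;
    return 1;
}

/* Hardened replacement for naive_fits(). */
static int safe_fits(int len, size_t lenn, size_t lenp) {
    size_t needed;
    if (!qname_size(lenn, lenp, &needed))
        return 0;
    return len >= 0 && (size_t)len >= needed;
}

/*
 * Simplified QName builder with the same contract as the libxml2 API:
 * join prefix and ncname as "prefix:ncname", using `memory` (len bytes)
 * when it is big enough and a malloc'd block otherwise. *heap_allocated
 * tells the caller whether the result must be freed. Returns NULL on a
 * NULL input, an unrepresentable size, or allocation failure.
 */
static char *build_qname(const char *ncname, const char *prefix,
                         char *memory, int len, int *heap_allocated) {
    size_t lenn, lenp, needed;
    char *ret;

    if (ncname == NULL || prefix == NULL)
        return NULL;
    lenn = strlen(ncname);
    lenp = strlen(prefix);
    if (!qname_size(lenn, lenp, &needed))
        return NULL;                       /* refuse instead of wrapping */

    if (memory != NULL && safe_fits(len, lenn, lenp)) {
        ret = memory;
        *heap_allocated = 0;
    } else {
        ret = malloc(needed);
        if (ret == NULL)
            return NULL;
        *heap_allocated = 1;
    }
    memcpy(ret, prefix, lenp);
    ret[lenp] = ':';
    memcpy(ret + lenp + 1, ncname, lenn);
    ret[lenp + 1 + lenn] = '\0';
    return ret;
}

int main(void) {
    char stackbuf[50];
    int heap = 0;
    /* Constructed lengths (no real input) chosen so lenn + lenp + 2 > INT_MAX. */
    size_t huge_n = (size_t)INT_MAX, small_p = 1;

    printf("naive check accepts 50-byte buffer for ~2 GiB name: %d\n",
           naive_fits((int)sizeof stackbuf, huge_n, small_p));   /* 1: the bug */
    printf("safe  check accepts it:                             %d\n",
           safe_fits((int)sizeof stackbuf, huge_n, small_p));    /* 0 */

    char *q = build_qname("name", "p", stackbuf, (int)sizeof stackbuf, &heap);
    printf("%s (heap=%d)\n", q, heap);                            /* p:name (heap=0) */
    if (heap)
        free(q);
    return 0;
}
```

The point to take from `naive_fits` is that the comparison itself is not wrong; it is the width of the intermediate sum that is. Doing the arithmetic in `size_t` after bounding each operand, as `qname_size` does, is the standard fix for this pattern, and it is also why a caller that passes a fixed stack buffer through `memory` is the party that pays for the mistake.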
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vdb-entry https://access.redhat.com/security/cve/CVE-2025-6021
issue-tracking https://bugzilla.redhat.com/show_bug.cgi?id=2372406
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10630
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10698
vendor-advisory https://access.redhat.com/errata/RHSA-2025:10699
vendor-advisory https://access.redhat.com/errata/RHSA-2025:11580
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12098
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12099
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12199
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12239
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12240
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12241
vendor-advisory https://access.redhat.com/errata/RHSA-2025:12237
vendor-advisory https://access.redhat.com/errata/RHSA-2025:13267
vendor-advisory https://access.redhat.com/errata/RHSA-2025:13335
vendor-advisory https://access.redhat.com/errata/RHSA-2025:13325
vendor-advisory https://access.redhat.com/errata/RHSA-2025:13336
vendor-advisory https://access.redhat.com/errata/RHSA-2025:13289
vendor-advisory https://access.redhat.com/errata/RHSA-2025:14059
vendor-advisory https://access.redhat.com/errata/RHSA-2025:14396
134c704f-9b21-4f2e-91b3-4a467353bcc0 https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
vendor-advisory https://access.redhat.com/errata/RHSA-2025:15308
vendor-advisory https://access.redhat.com/errata/RHSA-2025:15672
vendor-advisory https://access.redhat.com/errata/RHSA-2025:19020
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html

Match rules

CPE URI Source package Min version Max version
libxml2 >= 0 < 2.14.4
cpe:/o:redhat:enterprise_linux:10.0 libxml2 >= 0:2.12.5-7.el10_0 < *
cpe:/o:redhat:rhel_els:7 libxml2 >= 0:2.9.1-6.el7_9.10 < *
cpe:/o:redhat:rhel_aus:8.2::baseos libxml2 >= 0:2.9.7-9.el8_2.3 < *
cpe:/a:redhat:rhel_e4s:8.6::appstream libxml2 >= 0:2.9.7-13.el8_6.10 < *
cpe:/o:redhat:rhel_e4s:9.2::baseos libxml2 >= 0:2.9.13-3.el9_2.7 < *
cpe:/o:redhat:rhel_eus:9.4::baseos libxml2 >= 0:2.9.13-10.el9_4 < *
cpe:/a:redhat:openshift:4.16::el9 libxml2 >= 416.94.202508050040-0 < *
cpe:/a:redhat:openshift:4.18::el9 libxml2 >= 418.94.202508060022-0 < *
cpe:/a:redhat:enterprise_linux:8::appstream libxml2 >= 0:2.9.7-21.el8_10.1 < *
cpe:/o:redhat:enterprise_linux:9::baseos libxml2 >= 0:2.9.13-10.el9_6 < *
cpe:/a:redhat:rhel_e4s:9.0::appstream libxml2 >= 0:2.9.13-1.el9_0.5 < *
cpe:/a:redhat:openshift:4.12::el8 libxml2 >= 412.86.202509030110-0 < *
cpe:/a:redhat:openshift:4.13::el9 libxml2 >= 413.92.202509030117-0 < *
cpe:/a:redhat:openshift:4.15::el9 libxml2 >= 415.92.202508192014-0 < *
cpe:/a:redhat:openshift:4.17::el9 libxml2 >= 417.94.202508141510-0 < *
cpe:/o:redhat:rhel_aus:8.4::baseos libxml2 >= 0:2.9.7-9.el8_4.6 < *
cpe:/o:redhat:rhel_tus:8.8::baseos libxml2 >= 0:2.9.7-16.el8_8.9 < *
cpe:/a:redhat:openshift:4.14::el8 libxml2 >= 414.92.202508041909-0 < *
cpe:/a:redhat:discovery:2::el9 libxml2 >= sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec < *
cpe:/a:redhat:insights_proxy:1.5::el9 libxml2 >= sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7 < *

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
libxml2 edge-main 2.13.9-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.22-main 2.13.9-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 3.21-main 2.13.9-r0 Carlo Landmeter <clandmeter@alpinelinux.org> fixed
libxml2 edge-main 2.13.4-r3 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 edge-main 2.13.6-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 edge-main 2.13.7-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 edge-main 2.13.7-r1 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 edge-main 2.13.8-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.22-main 2.13.8-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.21-main 2.13.4-r3 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.21-main 2.13.4-r4 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.21-main 2.13.4-r5 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.21-main 2.13.4-r6 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.20-main 2.12.7-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.20-main 2.12.7-r1 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.20-main 2.12.7-r2 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.20-main 2.12.10-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.19-main 2.11.8-r0 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.19-main 2.11.8-r1 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.19-main 2.11.8-r2 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
libxml2 3.19-main 2.11.8-r3 Carlo Landmeter <clandmeter@alpinelinux.org> possibly vulnerable
qt6-qtwebengine 3.22-community 6.8.3-r5 Bart Ribbers <bribbers@disroot.org> fixed
qt6-qtwebengine edge-community 6.9.3-r2 Bart Ribbers <bribbers@disroot.org> fixed