mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
3.8 KiB
3.8 KiB
CVE-2025-49794
Description
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.
POC
Reference
No PoCs from references.
Github
- https://github.com/11notes/docker-paperless-ngx
- https://github.com/8-cm/kube-dump
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/Icare741/TPTrivy
- https://github.com/runwhen-contrib/helm-charts
- https://github.com/telicent-oss/telicent-base-images
- https://github.com/w4zu/Debian_security