Updated: 2025-04-25 04:38:14.288572
Description:
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | HIGH | 7.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | libxml2 | 2.9.13 | 7.5 | HIGH | Needs Triage | 2025-04-25 05:41:30 | ||
| CentOS 6 ELS | libxml2 | 2.7.6 | 7.5 | HIGH | In Rollout | CLSA-2025:1747057793 | 2025-05-13 04:18:10 | |
| CentOS 7 ELS | libxml2 | 2.9.1 | 7.5 | HIGH | In Rollout | CLSA-2025:1747058033 | 2025-05-13 04:18:08 | |
| CentOS 8.4 ELS | libxml2 | 2.9.7-9 | 7.5 | HIGH | Released | CLSA-2025:1746791922 | 2025-05-10 04:57:46 | |
| CentOS 8.5 ELS | libxml2 | 2.9.7-9 | 7.5 | HIGH | Released | CLSA-2025:1746792339 | 2025-05-10 04:57:47 | |
| CentOS Stream 8 ELS | libxml2 | 2.9.7 | 7.5 | HIGH | Released | CLSA-2025:1746654421 | 2025-05-10 04:57:48 | |
| CloudLinux 6 ELS | libxml2 | 2.7.6 | 7.5 | HIGH | In Rollout | CLSA-2025:1747058647 | 2025-05-13 04:18:06 | |
| CloudLinux 7 ELS | libxml2 | 2.9.1 | 7.5 | HIGH | In Rollout | CLSA-2025:1747058839 | 2025-05-13 04:18:09 | |
| Oracle Linux 6 ELS | libxml2 | 2.7.6 | 7.5 | HIGH | Released | CLSA-2025:1747058711 | 2025-05-14 04:51:15 | |
| Oracle Linux 7 ELS | libxml2 | 2.9.1 | 7.5 | HIGH | Released | CLSA-2025:1747058736 | 2025-05-13 04:18:07 |