{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-24928", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-07-23T03:55:31.090Z", "dateReserved": "2025-01-28T00:00:00.000Z", "datePublished": "2025-02-18T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "libxml2", "vendor": "xmlsoft", "versions": [{"lessThan": "2.12.10", "status": "affected", "version": "0", "versionType": "semver"}, {"lessThan": "2.13.6", "status": "affected", "version": "2.13.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-02-18T22:20:43.285Z"}, "references": [{"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"}, {"url": "https://issues.oss-fuzz.com/issues/392687022"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.12.10"}, {"vulnerable": true, "criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.13.0", "versionEndExcluding": "2.13.6"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-22T00:00:00+00:00", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-24928"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-23T03:55:31.090Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20250321-0006/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-03-21T18:03:53.384Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20250321-0006/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-03-21T18:03:53.384Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-24928", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-19T15:39:40.380435Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-19T15:39:52.793Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N"}}], "affected": [{"vendor": "xmlsoft", "product": "libxml2", "versions": [{"status": "affected", "version": "0", "lessThan": "2.12.10", "versionType": "semver"}, {"status": "affected", "version": "2.13.0", "lessThan": "2.13.6", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"}, {"url": "https://issues.oss-fuzz.com/issues/392687022"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.12.10"}, {"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "2.13.6", "versionStartIncluding": "2.13.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-02-18T22:20:43.285Z"}}}, "cveMetadata": {"cveId": "CVE-2025-24928", "state": "PUBLISHED", "dateUpdated": "2025-07-23T03:55:31.090Z", "dateReserved": "2025-01-28T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-02-18T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*", "matchCriteriaId": "E8F29E19-3A64-4426-A2AA-F169440267CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:manageability_software_development_kit:-:*:*:*:*:*:*:*", "matchCriteriaId": "D39DCAE7-494F-40B2-867F-6C6A077939DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:ontap:9:*:*:*:*:*:*:*", "matchCriteriaId": "A20333EE-4C13-426E-8B54-D78679D5DDB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "matchCriteriaId": "9EB46E7E-7E29-4F40-A890-EEC2C36FB50E", "versionEndExcluding": "2.12.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA27632E-368D-4792-B20A-49B3B168F3CE", "versionEndExcluding": "2.13.6", "versionStartIncluding": "2.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "4AFE5CAF-ACA7-4F82-BEC1-69562D75E66E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047."}, {"lang": "es", "value": "LibXML2 antes de 2.12.10 y 2.13.x antes de 2.13.6 tiene un desbordamiento de b\u00fafer basado en pila en XMLSNPrintfelements en Valid.c. Para explotar esto, la validaci\u00f3n de DTD debe ocurrir para un documento no confiable o DTD no confiable. Nota: Esto es similar a CVE-2017-9047."}], "id": "CVE-2025-24928", "lastModified": "2025-10-16T19:34:33.453", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 5.8, "source": "cve@mitre.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-02-18T23:15:10.250", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/847"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking"], "url": "https://issues.oss-fuzz.com/issues/392687022"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20250321-0006/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-121"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:2673", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "libxml2-0:2.9.1-6.el7_9.9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-03-12T00:00:00Z"}, {"advisory": "RHSA-2025:2686", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libxml2-0:2.9.7-19.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-03-12T00:00:00Z"}, {"advisory": "RHSA-2025:2686", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "libxml2-0:2.9.7-19.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-03-12T00:00:00Z"}, {"advisory": "RHSA-2025:2654", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "libxml2-0:2.9.7-9.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-03-11T00:00:00Z"}, {"advisory": "RHSA-2025:2660", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "libxml2-0:2.9.7-9.el8_4.5", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-03-11T00:00:00Z"}, {"advisory": "RHSA-2025:2660", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "libxml2-0:2.9.7-9.el8_4.5", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2025-03-11T00:00:00Z"}, {"advisory": "RHSA-2025:2660", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "libxml2-0:2.9.7-9.el8_4.5", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2025-03-11T00:00:00Z"}, {"advisory": "RHSA-2025:2513", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "libxml2-0:2.9.7-13.el8_6.8", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-03-10T00:00:00Z"}, {"advisory": "RHSA-2025:2513", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "libxml2-0:2.9.7-13.el8_6.8", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-03-10T00:00:00Z"}, {"advisory": "RHSA-2025:2513", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "libxml2-0:2.9.7-13.el8_6.8", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-03-10T00:00:00Z"}, {"advisory": "RHSA-2025:2507", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "libxml2-0:2.9.7-16.el8_8.7", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2025-03-10T00:00:00Z"}, {"advisory": "RHSA-2025:2679", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libxml2-0:2.9.13-6.el9_5.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-03-12T00:00:00Z"}, {"advisory": "RHSA-2025:2679", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "libxml2-0:2.9.13-6.el9_5.2", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-03-12T00:00:00Z"}, {"advisory": "RHSA-2025:2483", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "libxml2-0:2.9.13-1.el9_0.4", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-03-10T00:00:00Z"}, {"advisory": "RHSA-2025:2482", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "libxml2-0:2.9.13-3.el9_2.6", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-03-10T00:00:00Z"}, {"advisory": "RHSA-2025:2678", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "libxml2-0:2.9.13-9.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-03-12T00:00:00Z"}, {"advisory": "RHSA-2025:3573", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "rhcos-412.86.202503310142-0", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3780", "cpe": "cpe:/a:redhat:openshift:4.13::el9", "package": "rhcos-413.92.202504070146-0", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:3569", "cpe": "cpe:/a:redhat:openshift:4.14::el9", "package": "rhcos-414.92.202504010153-0", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3055", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "rhcos-415.92.202503190057-0", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2025-03-26T00:00:00Z"}, {"advisory": "RHSA-2025:3301", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "rhcos-416.94.202503252048-0", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2025-04-03T00:00:00Z"}, {"advisory": "RHSA-2025:3297", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "rhcos-417.94.202503241418-0", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-04-03T00:00:00Z"}, {"advisory": "RHSA-2025:3775", "cpe": "cpe:/a:redhat:openshift:4.18::el9", "package": "rhcos-418.94.202504080525-0", "product_name": "Red Hat OpenShift Container Platform 4.18", "release_date": "2025-04-16T00:00:00Z"}, {"advisory": "RHSA-2025:9895", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-config-sync-container-1.4.8-1", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:9895", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-flow-collector-container-1.4.8-1", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:9895", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-operator-bundle-container-1.4.8-1", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:9895", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-router-container-2.4.3-9", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:9895", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-service-controller-container-1.4.8-1", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:9895", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-site-controller-container-1.4.8-1", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-config-sync-container-1.8.5-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-controller-podman-container-1.8.5-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-flow-collector-container-1.8.5-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-operator-bundle-container-1.8.5-2", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-router-container-2.7.5-2", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-service-controller-container-1.8.5-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:4005", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "skupper-site-controller-container-1.8.5-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2025-04-17T00:00:00Z"}, {"advisory": "RHSA-2025:3453", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "libxml2", "product_name": "Text-Only JBCS", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8:sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8:sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8:sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8:sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8:sha256:5394cd240a8857906803affec711959da8b8da4e9a7225ddaefe9736c98949b4", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8:sha256:036af0457f091059551ff63563d5cf68f062297a5630a869bbf3398d5e97ffdc", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8:sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8:sha256:2257fe7947959fd59346d2b322f7dbb471831880df659e57344b0d804c2c0099", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8:sha256:8783f8aaed686a63ed1f913364c85606b1447540608f5b7f45412ff0868a4f38", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-model-controller-rhel8:sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-modelmesh-rhel8:sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8:sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3368", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8:sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8:sha256:ee01e89f98feb185f6cd59c564e590a13e4d8d9ea760cca8de51426eb71b83a1", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8:sha256:d7d4fa406e0fcf0507894a7676532b27f45be742467e603a86f98ea5d2615df8", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8:sha256:a0f72ffefb2b74b488dd949493f5d295a39bb9c97f578bf219d0138601f65468", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8:sha256:2ba2b2c4db8bb334c50f4dfb54059f060361186900a44c06eed00b7a3c43977e", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8:sha256:65482864055021272a18b5b26792ab00cfa5fc9cc005d8d3a884cc82991506f3", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8:sha256:7b70af8847b0806d8b43c399e2b3109f016fd864f5e9d30c44e2baca5d1359dc", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8:sha256:5dcdcc2424602a69451f16d31dbfa1d43cb72c095ba561eb9076f0cd1e8182ed", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8:sha256:efd039012559786deb3c521a130886c265e88d635e08baace2e573a9df270134", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8:sha256:27b113d96453c2054d4c965a963d2badba6daac235eddaf23234c76e87bcb069", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-model-controller-rhel8:sha256:6cf74044ae8d5308a2dfe03fa5d81086c89302db7f4cdbe2f4174a1c48b77869", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-modelmesh-rhel8:sha256:c499a2c4a7860a1853adf3ebfbf154f3c03c478034a78566b82711373210af39", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8:sha256:4a7599f8a866eb169c9a62885906adbf6df0417c0be15857df1eef20cd9b1be2", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3397", "cpe": "cpe:/a:redhat:openshift_ai:2.16::el8", "package": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8:sha256:4c5ff3496b2a2a739939d94ee9dafc02b682100785d228dc2fde480fb597b7a5", "product_name": "Red Hat OpenShift AI 2.16", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:2789", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8", "package": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8:sha256:92613ae031dd45d85151ff1bd0703ee6bbc6842133cdc51b274769122ea40ac8", "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "release_date": "2025-03-13T00:00:00Z"}, {"advisory": "RHSA-2025:2789", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8", "package": "registry.redhat.io/rhosdt/opentelemetry-rhel8-operator:sha256:7e0320614f3be4e8bb1442d5890d2a6cebaf0a1038599d6afbf50daca91e1d65", "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "release_date": "2025-03-13T00:00:00Z"}, {"advisory": "RHSA-2025:2789", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8", "package": "registry.redhat.io/rhosdt/opentelemetry-target-allocator-rhel8:sha256:e3f56102b0cf46e862fc1e015516c5364e49d02cd6ca112b72b1fa3287a96a2d", "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "release_date": "2025-03-13T00:00:00Z"}, {"advisory": "RHSA-2025:3867", "cpe": "cpe:/a:redhat:network_observ_optr:1.8::el9", "package": "registry.redhat.io/network-observability/network-observability-rhel9-operator:sha256:3ff12a979feb3b4a2b69f5e7e253eebea703d334e295aefe36884d91e48dd901", "product_name": "Red Hat Openshift Network Observability 1.8.1", "release_date": "2025-04-14T00:00:00Z"}], "bugzilla": {"description": "libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2", "id": "2346421", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346421"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N", "status": "verified"}, "cwe": "CWE-121", "details": ["libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To exploit this, DTD validation must occur for an untrusted document or untrusted DTD. NOTE: this is similar to CVE-2017-9047.", "A flaw was found in libxml2. This vulnerability allows a stack-based buffer overflow via DTD validation of an untrusted document or untrusted DTD."], "name": "CVE-2025-24928", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "libxml2", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libxml2", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2025-02-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-24928\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-24928\nhttps://gitlab.gnome.org/GNOME/libxml2/-/issues/847\nhttps://issues.oss-fuzz.com/issues/392687022"], "statement": "This vulnerability is rated as important because it involves a stack-based buffer overflow in the xmlSnprintfElements function within valid.c. Exploiting this issue requires DTD validation to occur on an untrusted document or untrusted DTD, making it a potential security risk for applications using libxml2 that do not adequately restrict DTD input.", "threat_severity": "Important"}