CVE-2025-6021

{"id": "CVE-2025-6021", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-06-12T13:15:25.590", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:10630", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:10698", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:10699", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:11580", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:11673", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12098", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12099", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12199", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12237", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12239", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12240", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:12241", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:13267", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:13289", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:13325", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:13335", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:13336", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:14059", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:14396", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:15308", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:15672", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2025:19020", "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-6021", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/926", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-121"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input."}, {"lang": "es", "value": "Se detect\u00f3 una falla en la funci\u00f3n xmlBuildQName de libxml2. Los desbordamientos de enteros en los c\u00e1lculos del tama\u00f1o del b\u00fafer pueden provocar un desbordamiento del b\u00fafer en la pila. Este problema puede provocar corrupci\u00f3n de memoria o una denegaci\u00f3n de servicio al procesar entradas manipuladas."}], "lastModified": "2025-11-29T01:16:03.137", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F92E45C9-6E79-4525-8B22-795EE481A019", "versionEndExcluding": "2.14.4"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B453CF7-9AA6-4B94-A003-BF7AE0B82F53"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "486B3F69-1551-4F8B-B25B-A5864248811B"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4716808D-67EB-4E14-9910-B248A500FAFA"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EBB38E1-4161-402D-8A37-74D92891AAC5"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B66318-326A-43E4-AF14-015768296E4E"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "710DD65D-7740-4D21-9078-5242C034B00B"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "226AD7DB-D8CB-45A3-97AE-3FE79774133E"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B361729-2847-4FE1-9503-BF9FA81307C5"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA5959A2-F48B-449B-89AD-ECDE9E5418E6"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3056B67-E5C4-40A0-86BF-1D9E6637B13F"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E33CF29-5075-467C-8F38-D7144262CF8A"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68CE620D-7572-4194-87C0-E278BDC2AED3"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08B9C7A4-4D65-4771-B92D-914C9C9A6C4A"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99ADC66F-3B19-4767-B876-67BA1C8D195B"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4F24706-3DF4-49D0-870D-39D4FC02CF4A"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1C47559-7265-4185-84B5-D8D2B177E08A"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0D104DE-8FF4-4CD1-A698-3A5296956FCE"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_z:4.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FECE0715-303D-4696-9145-0CF6E0CBCDCC"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDD2E6ED-9BDE-404B-AD0D-F78D69B13B34"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "065C13FF-588E-42F5-B3C9-3302082E6524"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1E0DF9A-C358-48A0-911F-0A17E1982E4B"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABEED453-F241-4841-A5AE-8BFFA587119F"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACED494B-3DE5-41E2-A775-DEFEA19E92FE"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D260BEC4-3932-4F7E-8C2B-2472C320373A"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FF27781-22D9-4283-959D-951C76429EF5"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F68F84F5-7671-4778-AE48-5CF243B62D88"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33D2A2D4-A006-422D-AA0C-8E764FB104C5"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EC48A26-5827-4EC0-BE90-EA25F0A9B56C"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57C161A1-56C7-4090-989D-F1784F1F4E54"}, {"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F398F24-4233-4914-B063-5F586D843DA7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B03506D7-0FCD-47B7-90F6-DDEEB5C5A733"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4CF8D2F-DACA-49C2-A9F4-63496B0A9A80"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34990D09-125F-48CA-B85E-9D9F0EB4BC07"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A47EF78-A5B6-4B89-8B74-EEB0647C549F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F7DAD7C-9369-4A87-A1D0-4208D3AF0CDC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBF70805-7EBF-4731-83DB-D71F7A646B0F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:10.0_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39DBA47B-96D0-4EF3-A653-193B6BDCD795"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01363FFA-F7A6-43FC-8D47-E67F95410095"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA15BFFC-B8E8-4EE3-8E14-8C95DF6C99C4"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:10.0_aarch64:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15C78B63-6947-4580-BA46-8418C5FB10B7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32AF225E-94C0-4D07-900C-DD868C05F554"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "069180B4-BA50-4AD0-8BA9-83F8005E58BE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.0_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8492E227-C09E-4F51-8EAF-0F7BCCD41A16"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CC06C2A-64A5-4302-B754-A4DC0E12FE7C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F843B777-5C64-4CAE-80D6-89DC2C9515B1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "778ACA25-ED77-4EFC-A183-DE094C58B268"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.0_s390x:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D8456B7-F13F-4E74-B610-F1301B738A6C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23D471AC-7DCA-4425-AD91-E5D928753A8C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1FABD546-0E45-4A65-A2E5-50EC62B852E7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC3CBA5D-9E5D-4C46-B37E-7BB35BE8DADB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0516993E-CBD5-44F1-8684-7172C9ABFD0A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.0_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "189D490B-E674-4957-BD84-B0615A06FBF7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39D345D3-108A-4551-A112-5EE51991411A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FDD919E-B7FE-4EC5-8D6B-EC9A4723D6E2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C30F155-DF7D-4195-92D9-A5B80407228D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"}, {"criteria": "cpe:2.3:o:redhat:in-vehicle_operating_system:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA321190-E0A9-403B-B9DA-4C18A950E266"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}