INFSA-2025:22376: libxml2 security update
Information about definition
Identificator: INFSA-2025:22376
Type: security
Release date: 2025-12-07 21:49:29 UTC
Information about package
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Vulnerabilities description
- CVE-2025-9714
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map()', leading to stack exhaustion and a local denial of service.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-9714
|
no information | 6.2 | no information |
Updated packages
Preparing to download...