CVE-2025-6021

High CVSS 7.5

Overview

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

CWE: CWE-121 Published: 2025-06-12T13:15:25.590

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.5 (HIGH)
Detected tags: buffer, dos, int_overflow (tag impact: LOW)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.

Overview

Recommended tools

Tags