Nixpkgs security tracker

Permalink CVE-2025-49794

9.1 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 10 months ago

Libxml: heap use after free (uaf) leads to denial of service (dos)

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

References

https://access.redhat.com/security/cve/CVE-2025-49794 vdb-entryx_refsource_REDHAT
RHBZ#2372373 issue-trackingx_refsource_REDHAT
RHSA-2025:10630 vendor-advisoryx_refsource_REDHAT
RHSA-2025:10698 vendor-advisoryx_refsource_REDHAT
RHSA-2025:10699 vendor-advisoryx_refsource_REDHAT
RHSA-2025:11580 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12098 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12099 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12199 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12237 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12239 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12240 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12241 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13335 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15397 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18217 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18218 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18240 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19020 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19046 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19041 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html
RHSA-2025:19894 vendor-advisoryx_refsource_REDHAT
RHSA-2025:21913 vendor-advisoryx_refsource_REDHAT
RHSA-2026:0934 vendor-advisoryx_refsource_REDHAT

Affected products

rhcos

*

libxml2

<2.15.0
*

Red Hat JBoss Core Services 2.4.62.SP2

web-terminal/web-terminal-tooling-rhel9

*

cert-manager/jetstack-cert-manager-rhel9

*

web-terminal/web-terminal-rhel9-operator

*

openshift-serverless-1/logic-rhel8-operator

*

openshift-serverless-1/logic-operator-bundle

*

insights-proxy/insights-proxy-container-rhel9

*

openshift-serverless-1/logic-swf-builder-rhel8

*

openshift-serverless-1/logic-swf-devmode-rhel8

*

compliance/openshift-file-integrity-rhel8-operator

*

openshift-serverless-1/logic-db-migrator-tool-rhel8

*

openshift-serverless-1/logic-management-console-rhel8

*

openshift-serverless-1/logic-data-index-ephemeral-rhel8

*

openshift-serverless-1/logic-data-index-postgresql-rhel8

*

openshift-serverless-1/logic-jobs-service-ephemeral-rhel8

*

openshift-serverless-1/logic-jobs-service-postgresql-rhel8

*

openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8

*

registry.redhat.io/insights-proxy/insights-proxy-container-rhel9

*

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.libxml2Python

None

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.sbclPackages.cl-libxml2

None

nixos-unstable libxml2-20130615-git
- nixpkgs-unstable libxml2-20130615-git
- nixos-unstable-small libxml2-20130615-git

pkgs.python311Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.4
- nixpkgs-unstable 2.13.4
- nixos-unstable-small 2.13.4

pkgs.python312Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.python313Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Test whether libxml2-2.13.8 exposes pkg-config modules libxml-2.0

nixos-unstable libxml2
- nixpkgs-unstable libxml2
- nixos-unstable-small libxml2

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
@lukego Luke Gorrie <luke@snabb.co>
@hraban Hraban Luyat <hraban@0brg.net>
@nagy Daniel Nagy <danielnagy@posteo.de>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>

Permalink CVE-2025-49796

9.1 CRITICAL

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 10 months ago

Libxml: type confusion leads to denial of service (dos)

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

References

https://access.redhat.com/security/cve/CVE-2025-49796 vdb-entryx_refsource_REDHAT
RHBZ#2372385 issue-trackingx_refsource_REDHAT
RHSA-2025:10630 vendor-advisoryx_refsource_REDHAT
RHSA-2025:10698 vendor-advisoryx_refsource_REDHAT
RHSA-2025:10699 vendor-advisoryx_refsource_REDHAT
RHSA-2025:11580 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12098 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12099 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12199 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12237 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12239 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12240 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12241 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13267 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13335 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15827 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15828 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18219 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15397 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18217 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18218 vendor-advisoryx_refsource_REDHAT
RHSA-2025:18240 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19020 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19046 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19041 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html
RHSA-2025:19894 vendor-advisoryx_refsource_REDHAT
RHSA-2025:21913 vendor-advisoryx_refsource_REDHAT
RHSA-2026:0934 vendor-advisoryx_refsource_REDHAT

Affected products

rhcos

*

libxml2

<2.15.0
*

discovery/discovery-server-rhel9

*

Red Hat JBoss Core Services 2.4.62.SP2

web-terminal/web-terminal-tooling-rhel9

*

cert-manager/jetstack-cert-manager-rhel9

*

web-terminal/web-terminal-rhel9-operator

*

openshift-serverless-1/logic-rhel8-operator

*

openshift-serverless-1/logic-operator-bundle

*

insights-proxy/insights-proxy-container-rhel9

*

openshift-serverless-1/logic-swf-builder-rhel8

*

openshift-serverless-1/logic-swf-devmode-rhel8

*

compliance/openshift-file-integrity-rhel8-operator

*

openshift-serverless-1/logic-db-migrator-tool-rhel8

*

registry.redhat.io/discovery/discovery-server-rhel9

*

openshift-serverless-1/logic-management-console-rhel8

*

openshift-serverless-1/logic-data-index-ephemeral-rhel8

*

openshift-serverless-1/logic-data-index-postgresql-rhel8

*

openshift-serverless-1/logic-jobs-service-ephemeral-rhel8

*

openshift-serverless-1/logic-jobs-service-postgresql-rhel8

*

openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8

*

registry.redhat.io/insights-proxy/insights-proxy-container-rhel9

*

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.libxml2Python

None

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.sbclPackages.cl-libxml2

None

nixos-unstable libxml2-20130615-git
- nixpkgs-unstable libxml2-20130615-git
- nixos-unstable-small libxml2-20130615-git

pkgs.python311Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.4
- nixpkgs-unstable 2.13.4
- nixos-unstable-small 2.13.4

pkgs.python312Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.python313Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Test whether libxml2-2.13.8 exposes pkg-config modules libxml-2.0

nixos-unstable libxml2
- nixpkgs-unstable libxml2
- nixos-unstable-small libxml2

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
@lukego Luke Gorrie <luke@snabb.co>
@hraban Hraban Luyat <hraban@0brg.net>
@nagy Daniel Nagy <danielnagy@posteo.de>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>

Permalink CVE-2025-6170

2.5 LOW

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): LOW

created 10 months ago

Libxml2: stack buffer overflow in xmllint interactive shell command handling

A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.

References

https://access.redhat.com/security/cve/CVE-2025-6170 vdb-entryx_refsource_REDHAT
RHBZ#2372952 issue-trackingx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html

Affected products

rhcos

libxml2

<2.14.5

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.libxml2Python

None

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.sbclPackages.cl-libxml2

None

nixos-unstable libxml2-20130615-git
- nixpkgs-unstable libxml2-20130615-git
- nixos-unstable-small libxml2-20130615-git

pkgs.python311Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.4
- nixpkgs-unstable 2.13.4
- nixos-unstable-small 2.13.4

pkgs.python312Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.python313Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Test whether libxml2-2.13.8 exposes pkg-config modules libxml-2.0

nixos-unstable libxml2
- nixpkgs-unstable libxml2
- nixos-unstable-small libxml2

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
@lukego Luke Gorrie <luke@snabb.co>
@hraban Hraban Luyat <hraban@0brg.net>
@nagy Daniel Nagy <danielnagy@posteo.de>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>

Permalink CVE-2025-49795

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 10 months ago

Libxml: null pointer dereference leads to denial of service (dos)

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.

References

https://access.redhat.com/security/cve/CVE-2025-49795 vdb-entryx_refsource_REDHAT
RHBZ#2372379 issue-trackingx_refsource_REDHAT
RHSA-2025:10630 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19020 vendor-advisoryx_refsource_REDHAT

Affected products

libxml2

*
<2.15.0

Red Hat JBoss Core Services 2.4.62.SP2

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.libxml2Python

None

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.sbclPackages.cl-libxml2

None

nixos-unstable libxml2-20130615-git
- nixpkgs-unstable libxml2-20130615-git
- nixos-unstable-small libxml2-20130615-git

pkgs.python311Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.4
- nixpkgs-unstable 2.13.4
- nixos-unstable-small 2.13.4

pkgs.python312Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.python313Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Test whether libxml2-2.13.8 exposes pkg-config modules libxml-2.0

nixos-unstable libxml2
- nixpkgs-unstable libxml2
- nixos-unstable-small libxml2

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>
@Uthar Kasper Gałkowski <galkowskikasper@gmail.com>
@lukego Luke Gorrie <luke@snabb.co>
@hraban Hraban Luyat <hraban@0brg.net>
@nagy Daniel Nagy <danielnagy@posteo.de>
@7c6f434c Michael Raskin <7c6f434c@mail.ru>

Permalink CVE-2025-6021

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 10 months ago

Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

References

https://access.redhat.com/security/cve/CVE-2025-6021 vdb-entryx_refsource_REDHAT
RHBZ#2372406 issue-trackingx_refsource_REDHAT
RHSA-2025:10630 vendor-advisoryx_refsource_REDHAT
RHSA-2025:10698 vendor-advisoryx_refsource_REDHAT
RHSA-2025:10699 vendor-advisoryx_refsource_REDHAT
RHSA-2025:11580 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12098 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12099 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12199 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12237 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12239 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12240 vendor-advisoryx_refsource_REDHAT
RHSA-2025:12241 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13267 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13335 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13325 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13336 vendor-advisoryx_refsource_REDHAT
RHSA-2025:13289 vendor-advisoryx_refsource_REDHAT
RHSA-2025:14059 vendor-advisoryx_refsource_REDHAT
RHSA-2025:14396 vendor-advisoryx_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926 exploitissue-tracking
RHSA-2025:15308 vendor-advisoryx_refsource_REDHAT
RHSA-2025:15672 vendor-advisoryx_refsource_REDHAT
RHSA-2025:19020 vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html
RHSA-2025:11673 vendor-advisoryx_refsource_REDHAT

Affected products

rhcos

*

libxml2

<2.14.4
*

discovery/discovery-server-rhel9

*

Red Hat JBoss Core Services 2.4.62.SP2

insights-proxy/insights-proxy-container-rhel9

*

registry.redhat.io/discovery/discovery-server-rhel9

*

registry.redhat.io/insights-proxy/insights-proxy-container-rhel9

*

Matching in nixpkgs

pkgs.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.libxml2Python

None

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.python311Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.4
- nixpkgs-unstable 2.13.4
- nixos-unstable-small 2.13.4

pkgs.python312Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

pkgs.python313Packages.libxml2

XML parsing library for C

nixos-unstable 2.13.8
- nixpkgs-unstable 2.13.8
- nixos-unstable-small 2.13.8

Package maintainers

@jtojnar Jan Tojnar <jtojnar@gmail.com>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.libxml2

pkgs.libxml2Python

pkgs.sbclPackages.cl-libxml2

pkgs.python311Packages.libxml2

pkgs.python312Packages.libxml2

pkgs.python313Packages.libxml2

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.libxml2

pkgs.libxml2Python

pkgs.sbclPackages.cl-libxml2

pkgs.python311Packages.libxml2

pkgs.python312Packages.libxml2

pkgs.python313Packages.libxml2

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.libxml2

pkgs.libxml2Python

pkgs.sbclPackages.cl-libxml2

pkgs.python311Packages.libxml2

pkgs.python312Packages.libxml2

pkgs.python313Packages.libxml2

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.libxml2

pkgs.libxml2Python

pkgs.sbclPackages.cl-libxml2

pkgs.python311Packages.libxml2

pkgs.python312Packages.libxml2

pkgs.python313Packages.libxml2

pkgs.tests.pkg-config.defaultPkgConfigPackages.%22libxml-2.0%22

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.libxml2

pkgs.libxml2Python

pkgs.python311Packages.libxml2

pkgs.python312Packages.libxml2

pkgs.python313Packages.libxml2

Package maintainers