CVE-2025-6021

high-risk
Published 2025-06-12

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Do I need to act?

~
2.1% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (20)

Openshift Container Platform For Arm64
Openshift Container Platform For Arm64
Openshift Container Platform For Arm64
Openshift Container Platform For Arm64
Openshift Container Platform For Arm64
Openshift Container Platform For Arm64
Openshift Container Platform For Ibm Z
Openshift Container Platform For Ibm Z
Openshift Container Platform For Ibm Z
Openshift Container Platform For Ibm Z
Openshift Container Platform For Ibm Z

Affected Vendors

Redhat Xmlsoft

References (27)

Third Party Advisory https://access.redhat.com/errata/RHSA-2025:10630
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:10698
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:10699
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:11580
https://access.redhat.com/errata/RHSA-2025:11673
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12098
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12099
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12199
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12237
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12239
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12240
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:12241
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:13267
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:13289
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:13325
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:13335
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:13336
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:14059
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:14396
Third Party Advisory https://access.redhat.com/errata/RHSA-2025:15308
and 7 more references
59
/ 100
high-risk
Severity 26/34 · High
Exploitability 5/34 · Minimal
Exposure 28/34 · Critical