Vulnerability DatabaseCVE-2025-6021
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2025-6021
Published:June 12, 2025
Updated:May 16, 2026
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
Related Resources (28)
https://access.redhat.com/errata/RHSA-2025:11673
https://access.redhat.com/security/cve/CVE-2025-6021
https://access.redhat.com/errata/RHSA-2025:12098
https://access.redhat.com/errata/RHSA-2025:12240
https://bugzilla.redhat.com/show_bug.cgi?id=2372406
https://access.redhat.com/errata/RHSA-2025:12237
https://access.redhat.com/errata/RHSA-2025:10698
https://access.redhat.com/errata/RHSA-2025:14396
https://access.redhat.com/errata/RHSA-2025:13335
https://access.redhat.com/errata/RHSA-2025:19020
https://access.redhat.com/errata/RHSA-2025:12199
https://access.redhat.com/errata/RHSA-2025:12239
https://gitlab.gnome.org/GNOME/libxml2/-/issues/926
https://cert-portal.siemens.com/productcert/html/ssa-032379.html
https://access.redhat.com/errata/RHSA-2025:10699
https://access.redhat.com/errata/RHSA-2025:12099
https://access.redhat.com/errata/RHSA-2025:14059
https://access.redhat.com/errata/RHSA-2025:13267
https://access.redhat.com/errata/RHSA-2025:13336
https://access.redhat.com/errata/RHSA-2026:7519
https://access.redhat.com/errata/RHSA-2025:13325
https://access.redhat.com/errata/RHSA-2025:10630
https://access.redhat.com/errata/RHSA-2025:13289
https://access.redhat.com/errata/RHSA-2025:15308
https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html
https://access.redhat.com/errata/RHSA-2025:12241
https://access.redhat.com/errata/RHSA-2025:11580
https://access.redhat.com/errata/RHSA-2025:15672
Do you need more information?
Contact Us
CVSS v4
Base Score:
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
HIGH
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH
Weakness Type (CWE)
Out-of-bounds Write
CWE-787
EPSS
Base Score:
2.12