{"id":"CVE-2025-49794","details":"A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.","modified":"2026-03-12T02:19:13.232423858Z","published":"2025-06-16T16:15:18Z","withdrawn":"2026-01-27T04:20:13.242891Z","related":["ALSA-2025:10630","ALSA-2025:10698","ALSA-2025:10699","MGASA-2025-0269","SUSE-SU-2025:02260-1","SUSE-SU-2025:02275-1","SUSE-SU-2025:02294-1","SUSE-SU-2025:02314-1","SUSE-SU-2025:02355-1","SUSE-SU-2025:20564-1","SUSE-SU-2025:20607-1","openSUSE-SU-2025:15321-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:10630"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:10698"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:10699"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:11580"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12098"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12099"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12199"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12237"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12239"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12240"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12241"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13335"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372373"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-49794"}],"schema_version":"1.7.3"}