CVE-2025-12863

Rejected reason: This CVE was assigned for a libxml2 issue#1012 but later deemed not valid. Ref.: https://gitlab.gnome.org/GNOME/libxml2/-/issues/1012#note_2608283
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

20 Nov 2025, 15:17

Type Values Removed Values Added
CWE CWE-416
Summary (en) A flaw was found in the xmlSetTreeDoc() function of the libxml2 XML parsing library. This function is responsible for updating document pointers when XML nodes are moved between documents. Due to improper handling of namespace references, a namespace pointer may remain linked to a freed memory region when the original document is destroyed. As a result, subsequent operations that access the namespace can lead to a use-after-free condition, causing an application crash. (en) Rejected reason: This CVE was assigned for a libxml2 issue#1012 but later deemed not valid. Ref.: https://gitlab.gnome.org/GNOME/libxml2/-/issues/1012#note_2608283
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : unknown
References
  • {'url': 'https://access.redhat.com/security/cve/CVE-2025-12863', 'source': 'secalert@redhat.com'}
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=2413323', 'source': 'secalert@redhat.com'}

07 Nov 2025, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-11-07 21:15

Updated : 2025-11-20 15:17


NVD link : CVE-2025-12863

Mitre link : CVE-2025-12863

CVE.ORG link : CVE-2025-12863


JSON object : View

Products Affected

No product.

CWE

No CWE.