CVE-2025-27113

Publication date 18 February 2025

Last updated 21 February 2025

Ubuntu priority

Medium

Why this priority?

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

Status

Package Ubuntu Release Status
libxml2 24.10 oracular
Vulnerable
24.04 LTS noble
Vulnerable
22.04 LTS jammy
Vulnerable
20.04 LTS focal
Vulnerable
18.04 LTS bionic
Vulnerable
16.04 LTS xenial
Vulnerable

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
libxml2