libxml2 Out-of-Bounds Memory Access Vulnerability in Python API

Vulnerability

A vulnerability allowing out-of-bounds memory access has been identified in libxml2 versions prior to 2.13.8 and 2.14.x prior to 2.14.2. This issue arises in the Python bindings of libxml2, specifically within the functions xmlPythonFileRead and xmlPythonFileReadRaw. The vulnerability is caused by an incorrect return value that creates a mismatch between bytes and characters, leading to the memory access issue.
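A version check for the affected ranges stated above, as an added example (not part of the original advisory or of libxml2). The function names and the host inventory are constructed for illustration; the packed integer form follows libxml2's LIBXML_VERSION convention (major*10000 + minor*100 + patch).

```python
import re

# Fixed releases stated in the advisory: 2.13.8, and 2.14.2 for the 2.14.x line.
FIXED_2_13 = (2, 13, 8)
FIXED_2_14 = (2, 14, 2)


def parse_libxml2_version(raw):
    """Return (major, minor, patch) from a dotted string such as '2.13.7'
    or from the packed LIBXML_VERSION integer form such as '21307'."""
    text = str(raw).strip()
    if re.fullmatch(r"\d{5}", text):
        n = int(text)
        return (n // 10000, (n // 100) % 100, n % 100)
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised libxml2 version: {raw!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))


def is_affected(raw):
    """True if the version falls in a range the advisory lists as affected.
    Only relevant where the libxml2 Python bindings are actually in use."""
    version = parse_libxml2_version(raw)
    if version[:2] == (2, 14):
        return version < FIXED_2_14   # 2.14.x branch: fixed in 2.14.2
    return version < FIXED_2_13       # everything else: fixed in 2.13.8


def affected_hosts(inventory):
    """Return the sorted host names whose reported version is affected."""
    return sorted(h for h, v in inventory.items() if is_affected(v))


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {
    "build-01": "2.13.7",
    "web-02": "21402",
    "batch-03": "2.14.1",
    "dev-04": "2.12.10",
    "ci-05": "2.13.8",
}

if __name__ == "__main__":
    for host in affected_hosts(SAMPLE_INVENTORY):
        print(f"{host}: libxml2 {SAMPLE_INVENTORY[host]} is in an affected range")
```

Distribution packages may carry a backported fix under an older version string, so a positive result is a prompt to check the package changelog rather than proof of exposure.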

Impact

Exploitation of this vulnerability can lead to out-of-bounds memory access, which may cause memory corruption or allow for arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 6.0
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.