VDB

ALPINE-CVE-2025-27113

ALPINE-CVE-2025-27113 PUBLISHED CVSS 7.5 HIGH

libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.21libxml22.7.6-r3, 2.9.4-r3, 2.9.4-r2
Alpine:v3.22libxml22.9.9-r3, 2.9.9-r2, 2.9.9-r1
Alpine:v3.23libxml22.7.6-r1, 0, 2.10.0-r0
Alpine:v3.19libxml22.10.2-r0, 2.10.2-r1, 2.10.3-r0
Alpine:v3.20libxml22.9.1-r1, 2.9.8-r2, 2.9.8-r1
Alpine:v3.18libxml22.9.6-r0, 2.9.5-r0, 2.9.4-r4

Exploit Intelligence

Timeline

  • Feb 18, 2025 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›