VDB
RHSA-2025%3A3066
RHSA-2025%3A3066
PUBLISHED
CVSS 8.100000381469727 HIGH
A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.
Risk Scores
CVSS 3.1
8.100000381469727
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-oauth-server-rhel9@sha256:e8fe72c67dc71fddbb8ba4d9a775c3ea51c8bf821be6d90f5c5c70b68996f720_s390x as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-oauth-server-rhel9@sha256:e8fe72c67dc71fddbb8ba4d9a775c3ea51c8bf821be6d90f5c5c70b68996f720_s390x, * |
| Red Hat | openshift4/ose-deployer-rhel9@sha256:d6e23a5e1f826b1896734ff698e79a1459b6bc7f8768202fafafd6723d89b86e_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-deployer-rhel9@sha256:d6e23a5e1f826b1896734ff698e79a1459b6bc7f8768202fafafd6723d89b86e_amd64, openshift4/ose-deployer-rhel9@sha256:d6e23a5e1f826b1896734ff698e79a1459b6bc7f8768202fafafd6723d89b86e_amd64, openshift4/ose-deployer-rhel9@sha256:d6e23a5e1f826b1896734ff698e79a1459b6bc7f8768202fafafd6723d89b86e_amd64 |
| Red Hat | openshift4/ose-multus-admission-controller-rhel9@sha256:47e07c45b7c9e424531e726d26427a3639b614e6a0972e27340c5af7194d1d37_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-multus-admission-controller-rhel9@sha256:47e07c45b7c9e424531e726d26427a3639b614e6a0972e27340c5af7194d1d37_amd64, openshift4/ose-multus-admission-controller-rhel9@sha256:47e07c45b7c9e424531e726d26427a3639b614e6a0972e27340c5af7194d1d37_amd64, openshift4/ose-multus-admission-controller-rhel9@sha256:47e07c45b7c9e424531e726d26427a3639b614e6a0972e27340c5af7194d1d37_amd64 |
| Red Hat | openshift4/ose-cluster-api-rhel9@sha256:0228ae8ba259c1f0eafea5840eb1de4d7d43369a5eab88757140255fa7e5eeb7_ppc64le as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-cluster-api-rhel9@sha256:0228ae8ba259c1f0eafea5840eb1de4d7d43369a5eab88757140255fa7e5eeb7_ppc64le, openshift4/ose-cluster-api-rhel9@sha256:0228ae8ba259c1f0eafea5840eb1de4d7d43369a5eab88757140255fa7e5eeb7_ppc64le |
| Red Hat | openshift4/ovirt-csi-driver-rhel9-operator@sha256:a5ca1b4217c5ee2c5924486d9b768e0aed034f742c1e3c42e4a3d3bac8cd643c_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ovirt-csi-driver-rhel9-operator@sha256:a5ca1b4217c5ee2c5924486d9b768e0aed034f742c1e3c42e4a3d3bac8cd643c_amd64, openshift4/ovirt-csi-driver-rhel9-operator@sha256:a5ca1b4217c5ee2c5924486d9b768e0aed034f742c1e3c42e4a3d3bac8cd643c_amd64, * |
| Red Hat | openshift4/ose-cluster-olm-rhel9-operator@sha256:135d597e02429b6a6e89463273d9e7b5141c1f2b900ad938f0e653e0a332f2bd_arm64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-cluster-olm-rhel9-operator@sha256:135d597e02429b6a6e89463273d9e7b5141c1f2b900ad938f0e653e0a332f2bd_arm64, openshift4/ose-cluster-olm-rhel9-operator@sha256:135d597e02429b6a6e89463273d9e7b5141c1f2b900ad938f0e653e0a332f2bd_arm64, * |
| Red Hat | openshift4/ose-prometheus-config-reloader-rhel9@sha256:028fdfd56737623f6d1cfc8064cd6b383c012cab5436abc48335a1537dc180fb_s390x as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-prometheus-config-reloader-rhel9@sha256:028fdfd56737623f6d1cfc8064cd6b383c012cab5436abc48335a1537dc180fb_s390x, openshift4/ose-prometheus-config-reloader-rhel9@sha256:028fdfd56737623f6d1cfc8064cd6b383c012cab5436abc48335a1537dc180fb_s390x |
| Red Hat | openshift4/ose-cluster-kube-controller-manager-rhel9-operator@sha256:6702fc9068b8456946cda4bcd9b5e4126c664973ca7f2bbb4c0fab4dda6584eb_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-cluster-kube-controller-manager-rhel9-operator@sha256:6702fc9068b8456946cda4bcd9b5e4126c664973ca7f2bbb4c0fab4dda6584eb_amd64, openshift4/ose-cluster-kube-controller-manager-rhel9-operator@sha256:6702fc9068b8456946cda4bcd9b5e4126c664973ca7f2bbb4c0fab4dda6584eb_amd64 |
| Red Hat | openshift4/ose-network-interface-bond-cni-rhel9@sha256:32c8a1c1326a85cdb558fa6708672338d245ce09871584c4415d2bed428340ca_s390x as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-network-interface-bond-cni-rhel9@sha256:32c8a1c1326a85cdb558fa6708672338d245ce09871584c4415d2bed428340ca_s390x, * |
| Red Hat | openshift4/ose-cluster-openshift-apiserver-rhel9-operator@sha256:4c57efcedf91c3926fa448d91e8ce572e26b2ca452bf06eaab26d545bb9d14df_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-cluster-openshift-apiserver-rhel9-operator@sha256:4c57efcedf91c3926fa448d91e8ce572e26b2ca452bf06eaab26d545bb9d14df_amd64, *, openshift4/ose-cluster-openshift-apiserver-rhel9-operator@sha256:4c57efcedf91c3926fa448d91e8ce572e26b2ca452bf06eaab26d545bb9d14df_amd64 |
| Red Hat | openshift4/ose-azure-workload-identity-webhook-rhel9@sha256:8bf8b0e3c74a8a90710b49325021cc83c38be089541c0261be860e66064a55e0_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-azure-workload-identity-webhook-rhel9@sha256:8bf8b0e3c74a8a90710b49325021cc83c38be089541c0261be860e66064a55e0_amd64, *, openshift4/ose-azure-workload-identity-webhook-rhel9@sha256:8bf8b0e3c74a8a90710b49325021cc83c38be089541c0261be860e66064a55e0_amd64 |
| Red Hat | openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64, openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64 |
| Red Hat | openshift4/ose-ovn-kubernetes-rhel9@sha256:70d0fed905c087d646d9b56f7b00e2b9b1126c5294049b91d8f3d351ea9101e3_ppc64le as a component of Red Hat OpenShift Container Platform 4.18 | *, openshift4/ose-ovn-kubernetes-rhel9@sha256:70d0fed905c087d646d9b56f7b00e2b9b1126c5294049b91d8f3d351ea9101e3_ppc64le, openshift4/ose-ovn-kubernetes-rhel9@sha256:70d0fed905c087d646d9b56f7b00e2b9b1126c5294049b91d8f3d351ea9101e3_ppc64le |
| Red Hat | openshift4/ose-gcp-cluster-api-controllers-rhel9@sha256:cb17032dce143775bc775440c77521b5d0d49573286f008fa712f36d4cd1ee3e_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-gcp-cluster-api-controllers-rhel9@sha256:cb17032dce143775bc775440c77521b5d0d49573286f008fa712f36d4cd1ee3e_amd64, openshift4/ose-gcp-cluster-api-controllers-rhel9@sha256:cb17032dce143775bc775440c77521b5d0d49573286f008fa712f36d4cd1ee3e_amd64, openshift4/ose-gcp-cluster-api-controllers-rhel9@sha256:cb17032dce143775bc775440c77521b5d0d49573286f008fa712f36d4cd1ee3e_amd64 |
| Red Hat | openshift4/ose-multus-cni-rhel9@sha256:0db3ea7b1567d7c0fe21e3e9ade3a612d1653fa3faa988b0d90887777091257f_ppc64le as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-multus-cni-rhel9@sha256:0db3ea7b1567d7c0fe21e3e9ade3a612d1653fa3faa988b0d90887777091257f_ppc64le, openshift4/ose-multus-cni-rhel9@sha256:0db3ea7b1567d7c0fe21e3e9ade3a612d1653fa3faa988b0d90887777091257f_ppc64le, openshift4/ose-multus-cni-rhel9@sha256:0db3ea7b1567d7c0fe21e3e9ade3a612d1653fa3faa988b0d90887777091257f_ppc64le |
| Red Hat | openshift4/ose-cluster-storage-rhel9-operator@sha256:5d46bdfaf8e391e56774ae8ec4a10d5f922de4c74758a4adfd82db3690560d3c_ppc64le as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-cluster-storage-rhel9-operator@sha256:5d46bdfaf8e391e56774ae8ec4a10d5f922de4c74758a4adfd82db3690560d3c_ppc64le, openshift4/ose-cluster-storage-rhel9-operator@sha256:5d46bdfaf8e391e56774ae8ec4a10d5f922de4c74758a4adfd82db3690560d3c_ppc64le, * |
| Red Hat | openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64, openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64, openshift4/azure-kms-encryption-provider-rhel9@sha256:e39902b3cbcf981820969420dfd9b3becb060b822fe0fdff8f606d7f77c7ec39_arm64 |
| Red Hat | openshift4/aws-kms-encryption-provider-rhel9@sha256:74527d9d35442405965b9504bc18e64c4af758cf7c72a299b21a5fb7acf1ab65_s390x as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/aws-kms-encryption-provider-rhel9@sha256:74527d9d35442405965b9504bc18e64c4af758cf7c72a299b21a5fb7acf1ab65_s390x, openshift4/aws-kms-encryption-provider-rhel9@sha256:74527d9d35442405965b9504bc18e64c4af758cf7c72a299b21a5fb7acf1ab65_s390x |
| Red Hat | openshift4/ose-csi-external-provisioner-rhel9@sha256:cb062227b2276c94f1abc0b982c58ef1ae6f197aa7b47877d782094a3e4f8e93_amd64 as a component of Red Hat OpenShift Container Platform 4.18 | openshift4/ose-csi-external-provisioner-rhel9@sha256:cb062227b2276c94f1abc0b982c58ef1ae6f197aa7b47877d782094a3e4f8e93_amd64, openshift4/ose-csi-external-provisioner-rhel9@sha256:cb062227b2276c94f1abc0b982c58ef1ae6f197aa7b47877d782094a3e4f8e93_amd64 |
| Red Hat | openshift4/ose-kubevirt-cloud-controller-manager-rhel9@sha256:1103b3f637f0b2f512d56312632b6243efda34bfc76f42c278a8c242ecb0bf9b_s390x as a component of Red Hat OpenShift Container Platform 4.18 | *, * |
…and 1304 more
Timeline
- Mar 25, 2025 CVE Published
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Distribution Patch
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- Apr 24, 2026 Security Advisory
- May 11, 2026 CVE Updated
References
- https://access.redhat.com/errata/RHSA-2025:3066 advisory
- https://access.redhat.com/security/updates/classification/#important advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2346416 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2347423 issue
- https://issues.redhat.com/browse/OCPBUGS-32792 advisory
- https://issues.redhat.com/browse/OCPBUGS-44185 advisory
- https://issues.redhat.com/browse/OCPBUGS-48305 advisory
- https://issues.redhat.com/browse/OCPBUGS-50810 advisory
- https://issues.redhat.com/browse/OCPBUGS-50996 advisory
- https://issues.redhat.com/browse/OCPBUGS-51306 advisory
- https://issues.redhat.com/browse/OCPBUGS-52371 advisory
- https://issues.redhat.com/browse/OCPBUGS-52406 advisory
- https://issues.redhat.com/browse/OCPBUGS-52490 advisory
- https://issues.redhat.com/browse/OCPBUGS-52495 advisory
- https://issues.redhat.com/browse/OCPBUGS-52863 advisory
- https://issues.redhat.com/browse/OCPBUGS-52878 advisory
- https://issues.redhat.com/browse/OCPBUGS-52943 advisory
- https://issues.redhat.com/browse/OCPBUGS-52982 advisory
- https://issues.redhat.com/browse/OCPBUGS-53024 advisory
- https://issues.redhat.com/browse/OCPBUGS-53040 advisory
…and 14 more