VDB

RHSA-2025%3A3569

RHSA-2025%3A3569 PUBLISHED CVSS 8.100000381469727 HIGH

A flaw was found in libxml2. This vulnerability allows a use-after-free via a crafted XML document validated against an XML schema with certain identity constraints or a crafted XML schema.

Risk Scores

CVSS 3.1
8.100000381469727
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

VendorProductVersions
Red Hatopenshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:21978532ffb5f05c3ecf14a2f8115e59bd02c4fa5c95dde4cf9e1dd971dca1ea_s390x
Red Hatopenshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le, openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le, openshift4/ose-prom-label-proxy@sha256:60a57ee5992478aa33b3a0a99dc506a026454eef75d3a609a53fcdf9c67b4791_ppc64le
Red Hatopenshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x, openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x, openshift4/ose-csi-external-resizer-rhel8@sha256:780149b32d8a75ec39bb80844790937d0cd0415cfbf05785bd8fe05fc23407a5_s390x
Red Hatopenshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:39abfc38f4bc551a414279ebd38a492a758e339c3a2964997c3658f1a3662a87_amd64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:39abfc38f4bc551a414279ebd38a492a758e339c3a2964997c3658f1a3662a87_amd64, openshift4/ose-vsphere-csi-driver-operator-rhel8@sha256:39abfc38f4bc551a414279ebd38a492a758e339c3a2964997c3658f1a3662a87_amd64
Red Hatopenshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64, openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64, openshift4/ose-olm-operator-controller-rhel8@sha256:feaba38cd4c167e15a58a24c2eaa8e4c8666accb0b3a4c49e3391bbf7a39002f_amd64
Red Hatopenshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8be4d77e10173389301e63ecc0dd51d79f56a13d5c479b29b10a039a1bb564da_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8be4d77e10173389301e63ecc0dd51d79f56a13d5c479b29b10a039a1bb564da_ppc64le, openshift4/ose-powervs-cloud-controller-manager-rhel8@sha256:8be4d77e10173389301e63ecc0dd51d79f56a13d5c479b29b10a039a1bb564da_ppc64le, *
Red Hatopenshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64, openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64, openshift4/ose-csi-livenessprobe-rhel8@sha256:48d1e2305285e04bb4d053d619318b24210fe89bcb78443d1b44a03c19eef183_amd64
Red Hatopenshift4/ose-csi-external-provisioner@sha256:9771fcd2f5a3df598bb057c5eaaa559754d03aac349298e57f89ab31653f785b_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-csi-external-provisioner@sha256:9771fcd2f5a3df598bb057c5eaaa559754d03aac349298e57f89ab31653f785b_arm64, openshift4/ose-csi-external-provisioner@sha256:9771fcd2f5a3df598bb057c5eaaa559754d03aac349298e57f89ab31653f785b_arm64
Red Hatopenshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64, openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64, openshift4/ose-cluster-node-tuning-operator@sha256:176bd10447ce799cff3f07e73898c818e1c71663257ba0b05eb01d8ac562a102_amd64
Red Hatopenshift4/cloud-network-config-controller-rhel8@sha256:62473a839354a9ece79d613f91c76874e8007fc8bd910ac414051b0e13d08a9a_ppc64le as a component of Red Hat OpenShift Container Platform 4.14openshift4/cloud-network-config-controller-rhel8@sha256:62473a839354a9ece79d613f91c76874e8007fc8bd910ac414051b0e13d08a9a_ppc64le, openshift4/cloud-network-config-controller-rhel8@sha256:62473a839354a9ece79d613f91c76874e8007fc8bd910ac414051b0e13d08a9a_ppc64le, *
Red Hatopenshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64, openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64, openshift4/ose-csi-external-snapshotter@sha256:a622df156f29b32930592baa89afd7d9c90b49c4af0499e12ef34d405b003992_amd64
Red Hatopenshift4/ose-console-operator@sha256:6f7f5565e0aec07ab3549754f77beef65088ceb7e90f21723c7ba9a896890224_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-console-operator@sha256:6f7f5565e0aec07ab3549754f77beef65088ceb7e90f21723c7ba9a896890224_s390x, openshift4/ose-console-operator@sha256:6f7f5565e0aec07ab3549754f77beef65088ceb7e90f21723c7ba9a896890224_s390x, *
Red Hatopenshift4/ose-agent-installer-orchestrator-rhel8@sha256:58b9432c725ebe12a544b173128fe02910b8077da3f8549823f15cdad7f2c5c2_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-agent-installer-orchestrator-rhel8@sha256:58b9432c725ebe12a544b173128fe02910b8077da3f8549823f15cdad7f2c5c2_amd64, *, openshift4/ose-agent-installer-orchestrator-rhel8@sha256:58b9432c725ebe12a544b173128fe02910b8077da3f8549823f15cdad7f2c5c2_amd64
Red Hatopenshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64, openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64, openshift4/ose-oauth-proxy@sha256:c22373e9e85a35d9450482a11a1adc67630078b3fa6d24fbc4e50a46f4fa3162_amd64
Red Hatopenshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64, openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64, openshift4/ose-olm-catalogd-rhel8@sha256:85904b983bb35abcbab7ea0c76060b11672449fce6e139e2784a1964e2f549a0_amd64
Red Hatopenshift4/ose-baremetal-runtimecfg-rhel8@sha256:267f32bf71f563f97bdb8e8ac9ba0bd523239a1678f0b22a6801f7e529582a0e_arm64 as a component of Red Hat OpenShift Container Platform 4.14*, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:267f32bf71f563f97bdb8e8ac9ba0bd523239a1678f0b22a6801f7e529582a0e_arm64, openshift4/ose-baremetal-runtimecfg-rhel8@sha256:267f32bf71f563f97bdb8e8ac9ba0bd523239a1678f0b22a6801f7e529582a0e_arm64
Red Hatopenshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x, openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x, openshift4/driver-toolkit-rhel9@sha256:d12b0c7636fbdcdb6d459b855aec88873d347ea0cd9fd244c81e086400ffac8d_s390x
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64 as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64, openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64, openshift4/ose-cluster-ingress-operator@sha256:f16263fe09f7597306e2ec703e44fcfbaad55c9ba24f773432bcfc754a94d27d_arm64
Red Hatopenshift4/ose-csi-snapshot-controller-rhel8@sha256:6258939a3ce15590c18a108f35aa83f19b9fa7d28b2495172848ba320121dcae_s390x as a component of Red Hat OpenShift Container Platform 4.14openshift4/ose-csi-snapshot-controller-rhel8@sha256:6258939a3ce15590c18a108f35aa83f19b9fa7d28b2495172848ba320121dcae_s390x, *, openshift4/ose-csi-snapshot-controller-rhel8@sha256:6258939a3ce15590c18a108f35aa83f19b9fa7d28b2495172848ba320121dcae_s390x
Red Hatopenshift4/ose-cluster-ingress-operator@sha256:3e825f5ec48ebe5377df618d59408ce824c6ecd7a8c8ff6cefbf4cec3adea8fe_s390x as a component of Red Hat OpenShift Container Platform 4.14*, *, *

…and 1346 more

Timeline

  • Apr 9, 2025 CVE Published
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Distribution Patch
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • Apr 24, 2026 Security Advisory
  • May 16, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›