CLSA-2025-1760020147
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1760020147.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2025-1760020147
- Upstream
- Published
- 2025-10-09T14:29:16Z
- Modified
- 2026-06-04T09:46:53.007736659Z
- Summary
- Fix CVE(s): CVE-2025-9714
- Details
-
- SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted
XPath expressions
- debian/patches/CVE-2025-9714-*.patch: Add comprehensive XPath DoS protection including operation limits, recursion depth controls, and proper handling of recursive invocations to prevent stack overflows and resource exhaustion
- CVE-2025-9714
- SECURITY UPDATE: uncontrolled recursion causing stack overflow via crafted
XPath expressions
- References
Affected packages
TuxCare:Ubuntu:16.04 / libxml2
Package
- Name
- libxml2
- Purl
- pkg:deb/tuxcare/libxml2?distro=ubuntu-16.04
TuxCare:Ubuntu:16.04 / libxml2-dev
Package
- Name
- libxml2-dev
- Purl
- pkg:deb/tuxcare/libxml2-dev?distro=ubuntu-16.04
TuxCare:Ubuntu:16.04 / libxml2-doc
Package
- Name
- libxml2-doc
- Purl
- pkg:deb/tuxcare/libxml2-doc?distro=ubuntu-16.04
TuxCare:Ubuntu:16.04 / libxml2-utils
Package
- Name
- libxml2-utils
- Purl
- pkg:deb/tuxcare/libxml2-utils?distro=ubuntu-16.04