OSV-2025-461

Import Source

JSON Data

https://api.osv.dev/v1/vulns/OSV-2025-461

Published

2025-06-14T00:10:49.391511Z

Modified

2025-06-14T00:10:49.391787Z

Summary

Heap-buffer-overflow in xmlParsePubidLiteral

Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=424229869

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
xmlParsePubidLiteral
xmlParseExternalID
xmlParseDocTypeDecl

References

Affected packages

Type: GIT
Repo: https://github.com/lsh123/xmlsec
Events: Introduced

94654ff9fb11bd376874eefead7f190efd0bc056

Fixed

94654ff9fb11bd376874eefead7f190efd0bc056

{
    "severity": "HIGH"
}