OSV-2025-465

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/xmlsec/OSV-2025-465.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-465
Published
2025-06-15T00:09:20.387117Z
Modified
2025-06-15T00:09:20.387490Z
Summary
Heap-buffer-overflow in xmlParsePubidLiteral
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=424613315

Crash type: Heap-buffer-overflow WRITE 1
Crash state:
xmlParsePubidLiteral
xmlParseExternalID
xmlParseNotationDecl
References

Affected packages

OSS-Fuzz / xmlsec

Package

Name
xmlsec
Purl
pkg:generic/xmlsec

Affected ranges

Type
GIT
Repo
https://github.com/lsh123/xmlsec
Events
Introduced
94654ff9fb11bd376874eefead7f190efd0bc056
Fixed
99ad893effa58045ebbbd513d1873e391509a373

Ecosystem specific 

{
    "severity": "HIGH"
}