UBUNTU-CVE-2025-22872
- Source
- https://ubuntu.com/security/CVE-2025-22872
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-22872.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2025-22872
- Related
- Published
- 2025-04-16T18:16:00Z
- Modified
- 2025-05-08T04:50:58Z
- Summary
- [none]
- Details
-
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. <math>, <svg>, etc contexts).
- References
Affected packages
Ubuntu:Pro:16.04:LTS / golang-golang-x-net-dev
Package
- Name
- golang-golang-x-net-dev
- Purl
- pkg:deb/ubuntu/golang-golang-x-net-dev@1:0.0+git20160110.4fd4a9f-1ubuntu0.1~esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:16.04:LTS / juju-core
Package
- Name
- juju-core
- Purl
- pkg:deb/ubuntu/juju-core@2.3.7-0ubuntu0.16.04.1+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.24.6-0ubuntu3
1.25.0-0ubuntu1
1.25.0-0ubuntu2
1.25.0-0ubuntu3
2.*
2.0~beta4-0ubuntu2
2.0~beta6-0ubuntu1.16.04.1
2.0~beta7-0ubuntu1.16.04.1
2.0~beta12-0ubuntu1.16.04.1
2.0~beta15-0ubuntu2.16.04.1
2.0.0-0ubuntu0.16.04.2
2.0.2-0ubuntu0.16.04.1
2.0.2-0ubuntu0.16.04.2
2.3.1-0ubuntu0.16.04.1
2.3.2-0ubuntu0.16.04.1
2.3.7-0ubuntu0.16.04.1
2.3.7-0ubuntu0.16.04.1+esm1
Ubuntu:Pro:16.04:LTS / lxd
Package
- Name
- lxd
- Purl
- pkg:deb/ubuntu/lxd@2.0.11-0ubuntu1~16.04.4+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.20-0ubuntu4
0.21-0ubuntu3
0.21-0ubuntu5
0.22-0ubuntu1
0.22-0ubuntu2
0.23-0ubuntu1
0.23-0ubuntu2
0.23-0ubuntu3
0.24-0ubuntu2
0.24-0ubuntu3
0.24-0ubuntu4
0.25-0ubuntu1
0.26-0ubuntu2
0.26-0ubuntu3
0.27-0ubuntu1
0.27-0ubuntu2
2.*
2.0.0~beta1-0ubuntu3
2.0.0~beta1-0ubuntu4
2.0.0~beta2-0ubuntu1
2.0.0~beta2-0ubuntu2
2.0.0~beta3-0ubuntu1
2.0.0~beta3-0ubuntu2
2.0.0~beta3-0ubuntu3
2.0.0~beta3-0ubuntu4
2.0.0~beta4-0ubuntu1
2.0.0~beta4-0ubuntu2
2.0.0~beta4-0ubuntu3
2.0.0~beta4-0ubuntu4
2.0.0~beta4-0ubuntu5
2.0.0~beta4-0ubuntu6
2.0.0~beta4-0ubuntu7
2.0.0~rc1-0ubuntu1
2.0.0~rc1-0ubuntu2
2.0.0~rc1-0ubuntu3
2.0.0~rc2-0ubuntu2
2.0.0~rc2-0ubuntu3
2.0.0~rc3-0ubuntu1
2.0.0~rc3-0ubuntu2
2.0.0~rc3-0ubuntu3
2.0.0~rc3-0ubuntu4
2.0.0~rc4-0ubuntu1
2.0.0~rc5-0ubuntu1
2.0.0~rc6-0ubuntu1
2.0.0~rc6-0ubuntu2
2.0.0~rc7-0ubuntu1
2.0.0~rc7-0ubuntu2
2.0.0~rc8-0ubuntu1
2.0.0~rc8-0ubuntu2
2.0.0~rc8-0ubuntu3
2.0.0~rc8-0ubuntu5
2.0.0~rc8-0ubuntu6
2.0.0~rc8-0ubuntu7
2.0.0~rc9-0ubuntu2
2.0.0~rc9-0ubuntu3
2.0.0~rc9-0ubuntu4
2.0.0~rc9-0ubuntu5
2.0.0-0ubuntu1
2.0.0-0ubuntu2
2.0.0-0ubuntu3
2.0.0-0ubuntu4
2.0.1-0ubuntu1~16.04.1
2.0.2-0ubuntu1~16.04.1
2.0.3-0ubuntu1~ubuntu16.04.2
2.0.4-0ubuntu1~ubuntu16.04.1
2.0.5-0ubuntu1~ubuntu16.04.1
2.0.8-0ubuntu1~ubuntu16.04.1
2.0.8-0ubuntu1~ubuntu16.04.2
2.0.9-0ubuntu1~16.04.1
2.0.9-0ubuntu1~16.04.2
2.0.10-0ubuntu1~16.04.1
2.0.10-0ubuntu1~16.04.2
2.0.11-0ubuntu1~16.04.2
2.0.11-0ubuntu1~16.04.4
2.0.11-0ubuntu1~16.04.4+esm1
Ubuntu:Pro:16.04:LTS / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.2.6-0ubuntu1~16.04.6+esm5?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.2.1-0ubuntu4~16.04
0.2.3-0ubuntu1~16.04
0.2.5-0ubuntu1~16.04.1
1.*
1.2.6-0ubuntu1~16.04.2
1.2.6-0ubuntu1~16.04.3
1.2.6-0ubuntu1~16.04.4
1.2.6-0ubuntu1~16.04.5
1.2.6-0ubuntu1~16.04.6
1.2.6-0ubuntu1~16.04.6+esm1
1.2.6-0ubuntu1~16.04.6+esm2
1.2.6-0ubuntu1~16.04.6+esm4
1.2.6-0ubuntu1~16.04.6+esm5
Ubuntu:Pro:16.04:LTS / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20240716.00-0ubuntu1~16.04.0?arch=source&distro=esm-apps/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS / lxd
Package
- Name
- lxd
- Purl
- pkg:deb/ubuntu/lxd@3.0.3-0ubuntu1~18.04.2+esm1?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.18-0ubuntu6
2.19-0ubuntu1
2.20-0ubuntu3
2.20-0ubuntu4
2.21-0ubuntu1
2.21-0ubuntu2
2.21-0ubuntu3
2.21-0ubuntu4
3.*
3.0.0~beta2-0ubuntu3
3.0.0~beta3-0ubuntu3
3.0.0~beta5-0ubuntu2
3.0.0~beta7-0ubuntu1
3.0.0-0ubuntu1
3.0.0-0ubuntu2
3.0.0-0ubuntu3
3.0.0-0ubuntu4
3.0.1-0ubuntu1~18.04.1
3.0.2-0ubuntu1~18.04.1
3.0.3-0ubuntu1~18.04.1
3.0.3-0ubuntu1~18.04.2
3.0.3-0ubuntu1~18.04.2+esm1
Ubuntu:Pro:18.04:LTS / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.6.12-0ubuntu1~18.04.1+esm2?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
0.*
0.2.5-0ubuntu2
1.*
1.2.6-0ubuntu1~18.04.1
1.2.6-0ubuntu1~18.04.2
1.3.3-0ubuntu1~18.04.1
1.3.3-0ubuntu1~18.04.2
1.3.3-0ubuntu1~18.04.3
1.3.3-0ubuntu1~18.04.4
1.4.4-0ubuntu1~18.04.2
1.5.2-0ubuntu1~18.04.1
1.5.2-0ubuntu1~18.04.2
1.5.2-0ubuntu1~18.04.3
1.5.5-0ubuntu3~18.04.1
1.5.5-0ubuntu3~18.04.2
1.5.9-0ubuntu1~18.04.1
1.5.9-0ubuntu1~18.04.2
1.6.12-0ubuntu1~18.04.1
1.6.12-0ubuntu1~18.04.1+esm1
1.6.12-0ubuntu1~18.04.1+esm2
Ubuntu:Pro:18.04:LTS / golang-golang-x-net-dev
Package
- Name
- golang-golang-x-net-dev
- Purl
- pkg:deb/ubuntu/golang-golang-x-net-dev@1:0.0+git20170629.c81e7f2+dfsg-2ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:Pro:18.04:LTS / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20241011.01-0ubuntu1~18.04.0?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20201217.*
20201217.02-0ubuntu1~18.04.0
20210414.*
20210414.00-0ubuntu1~18.04.0
20210629.*
20210629.00-0ubuntu1~18.04.1
20220622.*
20220622.00-0ubuntu2~18.04.0
20220622.00-0ubuntu2~18.04.1
20230426.*
20230426.00-0ubuntu2~18.04.0
20231004.*
20231004.02-0ubuntu1~18.04.2
20231004.02-0ubuntu1~18.04.3
20240716.*
20240716.00-0ubuntu1~18.04.0
20241011.*
20241011.01-0ubuntu1~18.04.0
Ubuntu:20.04:LTS / adsys
Package
- Name
- adsys
- Purl
- pkg:deb/ubuntu/adsys@0.9.2~20.04.2ubuntu0.1?arch=source&distro=focal
Ubuntu:20.04:LTS / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.6.12-0ubuntu1~20.04.8?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.2.10-0ubuntu1
1.3.2-0ubuntu1
1.3.3-0ubuntu1
1.3.3-0ubuntu2
1.3.3-0ubuntu2.1
1.3.3-0ubuntu2.2
1.3.3-0ubuntu2.3
1.4.4-0ubuntu1~20.04.2
1.5.2-0ubuntu1~20.04.1
1.5.2-0ubuntu1~20.04.2
1.5.2-0ubuntu1~20.04.3
1.5.5-0ubuntu3~20.04.1
1.5.5-0ubuntu3~20.04.2
1.5.9-0ubuntu1~20.04.1
1.5.9-0ubuntu1~20.04.4
1.5.9-0ubuntu1~20.04.5
1.5.9-0ubuntu1~20.04.6
1.6.12-0ubuntu1~20.04.1
1.6.12-0ubuntu1~20.04.3
1.6.12-0ubuntu1~20.04.5
1.6.12-0ubuntu1~20.04.6
1.6.12-0ubuntu1~20.04.7
1.6.12-0ubuntu1~20.04.8
Ubuntu:20.04:LTS / golang-golang-x-net-dev
Package
- Name
- golang-golang-x-net-dev
- Purl
- pkg:deb/ubuntu/golang-golang-x-net-dev@1:0.0+git20190811.74dc4d7+dfsg-1?arch=source&distro=focal
Ubuntu:20.04:LTS / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20241011.01-0ubuntu1~20.04.1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20201217.*
20201217.02-0ubuntu1~20.04.0
20210414.*
20210414.00-0ubuntu1~20.04.0
20210629.*
20210629.00-0ubuntu1~20.04.0
20220622.*
20220622.00-0ubuntu2~20.04.0
20220622.00-0ubuntu2~20.04.2
20230426.*
20230426.00-0ubuntu2~20.04.0
20231004.*
20231004.02-0ubuntu1~20.04.1
20231004.02-0ubuntu1~20.04.2
20231004.02-0ubuntu1~20.04.3
20231004.02-0ubuntu1~20.04.4
20240716.*
20240716.00-0ubuntu1~20.04.0
20241011.*
20241011.01-0ubuntu1~20.04.1
Ubuntu:20.04:LTS / lxd
Package
- Name
- lxd
- Purl
- pkg:deb/ubuntu/lxd@1:0.10?arch=source&distro=focal
Ubuntu:22.04:LTS / adsys
Package
- Name
- adsys
- Purl
- pkg:deb/ubuntu/adsys@0.14.3~22.04ubuntu0.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.6.12-0ubuntu1~22.04.8?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / golang-golang-x-net
Package
- Name
- golang-golang-x-net
- Purl
- pkg:deb/ubuntu/golang-golang-x-net@1:0.0+git20211209.491a49a+dfsg-1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:22.04:LTS / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20241011.01-0ubuntu1~22.04.0?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20210629.*
20210629.00-0ubuntu1
20210629.00-0ubuntu2
20220104.*
20220104.00-0ubuntu1
20220104.00-0ubuntu2
20220622.*
20220622.00-0ubuntu2~22.04.0
20220622.00-0ubuntu2~22.04.1
20230426.*
20230426.00-0ubuntu2~22.04.0
20231004.*
20231004.02-0ubuntu1~22.04.1
20231004.02-0ubuntu1~22.04.2
20231004.02-0ubuntu1~22.04.3
20231004.02-0ubuntu1~22.04.4
20231004.02-0ubuntu1~22.04.5
20240716.*
20240716.00-0ubuntu1~22.04.0
20241011.*
20241011.01-0ubuntu1~22.04.0
Ubuntu:24.10 / adsys
Package
- Name
- adsys
- Purl
- pkg:deb/ubuntu/adsys@0.15.2ubuntu0.1?arch=source&distro=oracular
Ubuntu:24.10 / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.7.18~ds2-1ubuntu1?arch=source&distro=oracular
Ubuntu:24.10 / golang-golang-x-net
Package
- Name
- golang-golang-x-net
- Purl
- pkg:deb/ubuntu/golang-golang-x-net@1:0.26.0+dfsg-2?arch=source&distro=oracular
Ubuntu:24.10 / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20241011.01-0ubuntu1~24.10.0?arch=source&distro=oracular
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / adsys
Package
- Name
- adsys
- Purl
- pkg:deb/ubuntu/adsys@0.14.3~24.04ubuntu0.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.6.24~ds1-1ubuntu1.2?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:24.04:LTS / golang-golang-x-net
Package
- Name
- golang-golang-x-net
- Purl
- pkg:deb/ubuntu/golang-golang-x-net@1:0.21.0+dfsg-1?arch=source&distro=noble
Ubuntu:24.04:LTS / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20241011.01-0ubuntu1~24.04.0?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20230426.*
20230426.00-0ubuntu3
20231004.*
20231004.02-0ubuntu1
20231004.02-0ubuntu3
20240213.*
20240213.00-0ubuntu1
20240213.00-0ubuntu2
20240213.00-0ubuntu3
20240213.00-0ubuntu3.1
20240213.00-0ubuntu3.2
20240716.*
20240716.00-0ubuntu1~24.04.0
20240716.00-0ubuntu1~24.04.1
20241011.*
20241011.01-0ubuntu1~24.04.0
Ubuntu:25.04 / adsys
Package
- Name
- adsys
- Purl
- pkg:deb/ubuntu/adsys@0.16.3?arch=source&distro=plucky
Ubuntu:25.04 / containerd
Package
- Name
- containerd
- Purl
- pkg:deb/ubuntu/containerd@1.7.24~ds1-5ubuntu1?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ubuntu:25.04 / golang-golang-x-net
Package
- Name
- golang-golang-x-net
- Purl
- pkg:deb/ubuntu/golang-golang-x-net@1:0.27.0-1?arch=source&distro=plucky
Ubuntu:25.04 / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20250116.00-0ubuntu2?arch=source&distro=plucky
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected