Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2025-25341
CVE-2025-25341
A vulnerability exists in the libxmljs 1.0.11 when parsing a specially crafted XML document. Accessing the internal _ref property on entity_ref and entity_decl nodes causes a segmentation fault, potentially leading to a denial-of-service (DoS).
Published Dec 27, 2025
https://github.com/advisories/GHSA-jv72-59wq-8rxm
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
@anderssonoscar0/libxmljs
2.0.0
npm
@ayushmw/libxmljs
1.0.11-dev-1
npm
@ayushmw/libxmljs
1.0.11-dev-2
npm
@ayushmw/libxmljs
1.0.11-dev-3
npm
libxmljs
1.0.0
npm
libxmljs
1.0.10
npm
libxmljs
1.0.11
npm
libxmljs
1.0.1
npm
libxmljs
1.0.2
npm
libxmljs
1.0.3
npm
libxmljs
1.0.4
npm
libxmljs
1.0.6
npm
libxmljs
1.0.7
npm
libxmljs
1.0.8
npm
libxmljs
1.0.9
npm
niosz-xml
1.0.0
npm
niosz-xml
1.0.1
npm
niosz-xml
2.0.0
npm
niosz-xml
3.0.0
npm
niosz-xml
3.0.1
npm
niosz-xml
3.0.2
npm
niosz-xml-binary-darwin-arm64-16
0.2.0
npm
niosz-xml-binary-darwin-arm64-16
1.100.1001
npm
niosz-xml-binary-darwin-arm64-18
1.100.1001
npm
niosz-xml-binary-darwin-x64-16
1.100.1001
npm
niosz-xml-darwin-arm64-16
0.0.1
1-26 of 26
CVE-2025-25341 | Components Impacted | Sonatype Guide | Sonatype Guide
