| Description |
| |
A Heap Use After Free (UAF) vulnerability was discovered in the Schematron in the libxml2. The issue arises in the xmlSchematronGetNode function when processing XPath expressions in Schematron schema elements <sch:name path="..."/>, where a pointer to freed memory is returned and then accessed, leading to undefined behavior and potential crashes. |
| |
|
| - |
Vulnerable component: The xmlSchematronGetNode function extracts a pointer to a node from an XPath node set and then immediately frees the entire XPath object containing that node set, rendering the returned pointer invalid. |
| + |
The xmlSchematronGetNode function extracts a pointer to a node from an XPath node set and then immediately frees the entire XPath object containing that node set, rendering the returned pointer invalid. |
|