FKIE_CVE-2026-0990

Vulnerability from fkie_nvd - Published: 2026-01-15 15:15 - Updated: 2026-04-22 10:16
Severity ?
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications.
References
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2026:7519
secalert@redhat.comhttps://access.redhat.com/security/cve/CVE-2026-0990
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2429959
secalert@redhat.comhttps://gitlab.gnome.org/GNOME/libxml2/-/issues/1018
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a specially crafted XML catalog, leading to infinite recursion and call stack exhaustion. This ultimately results in a segmentation fault, causing a Denial of Service (DoS) by crashing affected applications."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en libxml2, una biblioteca de an\u00e1lisis XML. Esta vulnerabilidad de recursi\u00f3n incontrolada ocurre en la funci\u00f3n xmlCatalogXMLResolveURI cuando un cat\u00e1logo XML contiene una entrada URI delegada que se referencia a s\u00ed misma. Un atacante remoto podr\u00eda explotar este problema dependiente de la configuraci\u00f3n al proporcionar un cat\u00e1logo XML especialmente dise\u00f1ado, lo que lleva a una recursi\u00f3n infinita y al agotamiento de la pila de llamadas. Esto finalmente resulta en una falla de segmentaci\u00f3n, causando una denegaci\u00f3n de servicio (DoS) al bloquear las aplicaciones afectadas."
    }
  ],
  "id": "CVE-2026-0990",
  "lastModified": "2026-04-22T10:16:50.113",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-01-15T15:15:52.503",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2026:7519"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2026-0990"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2429959"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://gitlab.gnome.org/GNOME/libxml2/-/issues/1018"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-674"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.