Security Vulnerability CVE-2025-49794 and CVE-2025-49796 (libxml2)

### Bug Overview

Hello,

[CVE-2025-49794](https://nvd.nist.gov/vuln/detail/cve-2025-49794) and [CVE-2025-49796](https://nvd.nist.gov/vuln/detail/cve-2025-49796) is detected in the most recent scan like nginx:1.28.0-alpine.

https://hub.docker.com/layers/library/nginx/1.28.0-alpine/images/sha256-ebd7cd95af06f54013757a30a148fb4d63b80d28503c291455b60027b764271c

This vulnerability appears to originate from Alpine Image. We would appreciate it if you could provide a fix for this security vulnerability.

As a temporary measure, we have updated libxml2 to 2.13.9-r0 in our project.

### Expected Behavior

No critical CVE

### Steps to Reproduce the Bug

nginx:1.28.0-alpine has two critical CVEs: CVE-2025-49794 and CVE-2025-49796

### Environment Details

- Version: nginx:1.28.0-alpine

### Additional Context

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Security Vulnerability CVE-2025-49794 and CVE-2025-49796 (libxml2) #1004

Bug Overview

Expected Behavior

Steps to Reproduce the Bug

Environment Details

Additional Context

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Security Vulnerability CVE-2025-49794 and CVE-2025-49796 (libxml2) #1004

Description

Bug Overview

Expected Behavior

Steps to Reproduce the Bug

Environment Details

Additional Context

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions