{
  "_class" : "io.jenkins.plugins.analysis.core.restapi.ReportApi",
  "issues" : [
    {
      "addedAt" : 0,
      "authorEmail" : "-",
      "authorName" : "-",
      "baseName" : "govway",
      "category" : "",
      "columnEnd" : 0,
      "columnStart" : 0,
      "commit" : "-",
      "description" : "",
      "fileName" : "/linkitaly/govway",
      "fingerprint" : "FALLBACK-d6f6619e",
      "lineEnd" : 1,
      "lineStart" : 1,
      "message" : "CVE-2025-32414: OsPackageVulnerability\u000a\u000alibxml2: Out-of-Bounds Read in libxml2\u000a\u000aFor additional help see: **Vulnerability CVE-2025-32414**\u000a| Severity | Package | Fixed Version | Link |\u000a| --- | --- | --- | --- |\u000a|HIGH|libxml2|2.13.4-r6|[CVE-2025-32414](https://avd.aquasec.com/nvd/cve-2025-32414)|\u000a\u000aIn libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.\u000a\u000aPackage: libxml2\u000aInstalled Version: 2.13.4-r5\u000aVulnerability CVE-2025-32414\u000aSeverity: HIGH\u000aFixed Version: 2.13.4-r6\u000aLink: [CVE-2025-32414](https://avd.aquasec.com/nvd/cve-2025-32414)",
      "moduleName" : "",
      "origin" : "trivy",
      "originName" : "Trivy Security Scanner",
      "packageName" : "-",
      "reference" : "1235",
      "severity" : "HIGH",
      "toString" : "govway(1,0): CVE-2025-32414: : CVE-2025-32414: OsPackageVulnerability\u000a\u000alibxml2: Out-of-Bounds Read in libxml2\u000a\u000aFor additional help see: **Vulnerability CVE-2025-32414**\u000a| Severity | Package | Fixed Version | Link |\u000a| --- | --- | --- | --- |\u000a|HIGH|libxml2|2.13.4-r6|[CVE-2025-32414](https://avd.aquasec.com/nvd/cve-2025-32414)|\u000a\u000aIn libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API (Python bindings) because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between bytes and characters.\u000a\u000aPackage: libxml2\u000aInstalled Version: 2.13.4-r5\u000aVulnerability CVE-2025-32414\u000aSeverity: HIGH\u000aFixed Version: 2.13.4-r6\u000aLink: [CVE-2025-32414](https://avd.aquasec.com/nvd/cve-2025-32414)",
      "type" : "CVE-2025-32414"
    },
    {
      "addedAt" : 0,
      "authorEmail" : "-",
      "authorName" : "-",
      "baseName" : "govway",
      "category" : "",
      "columnEnd" : 0,
      "columnStart" : 0,
      "commit" : "-",
      "description" : "",
      "fileName" : "/linkitaly/govway",
      "fingerprint" : "FALLBACK-d712fa8f",
      "lineEnd" : 1,
      "lineStart" : 1,
      "message" : "CVE-2025-32415: OsPackageVulnerability\u000a\u000alibxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables\u000a\u000aFor additional help see: **Vulnerability CVE-2025-32415**\u000a| Severity | Package | Fixed Version | Link |\u000a| --- | --- | --- | --- |\u000a|HIGH|libxml2|2.13.4-r6|[CVE-2025-32415](https://avd.aquasec.com/nvd/cve-2025-32415)|\u000a\u000aIn libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.\u000a\u000aPackage: libxml2\u000aInstalled Version: 2.13.4-r5\u000aVulnerability CVE-2025-32415\u000aSeverity: HIGH\u000aFixed Version: 2.13.4-r6\u000aLink: [CVE-2025-32415](https://avd.aquasec.com/nvd/cve-2025-32415)",
      "moduleName" : "",
      "origin" : "trivy",
      "originName" : "Trivy Security Scanner",
      "packageName" : "-",
      "reference" : "1235",
      "severity" : "HIGH",
      "toString" : "govway(1,0): CVE-2025-32415: : CVE-2025-32415: OsPackageVulnerability\u000a\u000alibxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables\u000a\u000aFor additional help see: **Vulnerability CVE-2025-32415**\u000a| Severity | Package | Fixed Version | Link |\u000a| --- | --- | --- | --- |\u000a|HIGH|libxml2|2.13.4-r6|[CVE-2025-32415](https://avd.aquasec.com/nvd/cve-2025-32415)|\u000a\u000aIn libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used.\u000a\u000aPackage: libxml2\u000aInstalled Version: 2.13.4-r5\u000aVulnerability CVE-2025-32415\u000aSeverity: HIGH\u000aFixed Version: 2.13.4-r6\u000aLink: [CVE-2025-32415](https://avd.aquasec.com/nvd/cve-2025-32415)",
      "type" : "CVE-2025-32415"
    }
  ],
  "size" : 2,
  "toString" : "2 warnings (high: 2)"
}