Security Advisory Description An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free. (CVE-2024-25062) Impact For products with None in the Versions known to be vulnerable column, there is no impact. For products with ** in the various columns, F5 is still researching the issue and will update this article after confirming the required information. F5 Support has no additional information about this issue. BIG-IP, BIG-IP Next SPK, and BIG-IP Next CNF This vulnerability allows a remote, authenticated attacker (unauthenticated in the case of BIG-IP Next SPK and CNF) to cause a use-after-free issue that can lead to a denial-of-service (DoS) on the affected BIG-IP…Read More