Update libxml2 to fix out-of-bounds read (MINDBREEZE35902)

ID: MINDBREEZE35902 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 2.9 Low 
Status: Final 
First published: July 30, 2025 
CVEs: CVE-2025-32415 

Summary 

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.4 Release
• Mindbreeze InSpire Saas 25.4 Release