CVE-2025-7424

🗓️ 10 Jul 2025 14:05:41Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 57 Views

Flaw in libxslt allows memory corruption and denial of service during XML transformations.

Reporter	Title	Published	Views	Family All 137
ATTACKERKB	CVE-2025-7424	10 Jul 202514:05	–	attackerkb
Tenable Nessus	Amazon Linux 2023 : libxslt, libxslt-devel, python3-libxslt (ALAS2023-2025-1119)	4 Aug 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2 : libxslt (ALAS-2025-2966)	19 Aug 202500:00	–	nessus
Tenable Nessus	Apple TV < 18.6 Multiple Vulnerabilities (124153)	13 Aug 202500:00	–	nessus
Tenable Nessus	Apple iOS < 18.6 Multiple Vulnerabilities (124147)	30 Jul 202500:00	–	nessus
Tenable Nessus	Debian dla-4309 : libxslt1-dev - security update	25 Sep 202500:00	–	nessus
Tenable Nessus	Debian dsa-5979 : libxslt1-dev - security update	19 Aug 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : libxslt (EulerOS-SA-2025-2204)	11 Oct 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : libxslt (EulerOS-SA-2025-2236)	11 Oct 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP13 : libxslt (EulerOS-SA-2025-2270)	24 Oct 202500:00	–	nessus

NVD

Vulners

Node

xmlsoft libxsltMatch-

Node

redhat openshift_container_platformMatch4.0

redhat enterprise_linuxMatch6.0

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

redhat enterprise_linuxMatch9.0

redhat enterprise_linuxMatch10.0

[
  {
    "vendor": "GNOME",
    "product": "libxslt",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "1.1.44",
        "versionType": "semver"
      }
    ],
    "packageName": "libxslt",
    "collectionURL": "https://gitlab.gnome.org/GNOME/libxslt/",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libxml2",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:2.12.5-8.el10_0",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10.0"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libxslt",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:1.1.39-8.el10_0",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10.0"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Hardened Images",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "libxslt-main",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.1.45-0.1.hum1",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:hummingbird:1"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libxslt",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libxslt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libxslt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libxslt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhcos",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHBA-2025:12345
access	www.access.redhat.com/errata/RHSA-2026:11015
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/security/cve/CVE-2025-7424
gitlab	www.gitlab.gnome.org/GNOME/libxslt/-/issues/139
seclists	www.seclists.org/fulldisclosure/2025/Aug/0
seclists	www.seclists.org/fulldisclosure/2025/Jul/33
seclists	www.seclists.org/fulldisclosure/2025/Jul/35
lists	www.lists.debian.org/debian-lts-announce/2025/09/msg00024.html
openwall	www.openwall.com/lists/oss-security/2025/07/11/2

17 Jun 2026 10:04Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.17.5

EPSS0.012

SSVC

CWE-843