BIT-JAVA-MIN-2025-24855

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...

BIT-JAVA-MIN-2025-10911 Libxslt: use-after-free with key data stored cross-rvt

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

BIT-JAVA-2025-10911 Libxslt: use-after-free with key data stored cross-rvt

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

PT-2026-37822

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...

PT-2026-37828

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...

PT-2026-37848

A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of...

PT-2026-37825

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

PT-2026-37849

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

PT-2026-38032

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

PT-2026-38035

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...

Astra Linux - уязвимость в libxslt

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data...

Astra Linux - уязвимость в libxslt

A flaw was discovered in the libxslt library. The same memory field, psvi, is used for both the stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may result in...

Astra Linux - уязвимость в libxslt

A flaw was discovered in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, leading to a type confusion. This can result in unexpected memory...

Astra Linux - уязвимость в chromium, libxslt

Before version 91.0.4472.164, using Blink XSLT in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux - уязвимость в libxslt

The xsltGetInheritedNsList function in libxslt before version 1.1.43 has a use-after-free issue related to the exclusion of result prefixes...

Unity Linux 20.1050e / 20.1070e Security Update: libxslt (UTSA-2026-014831)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014831 advisory. A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the function...

Moderate: libxml2 security update

The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c CVE-2025-9714 For more details about the security issues, including the impact, a CVSS...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libxslt: libxslt-1.1.45-0.1.hum1 aarch64, x8664 libxslt-devel-1.1.45-0.1.hum1 aarch64, x8664 python3-libxslt-1.1.45-0.1.hum1 aarch64, x8664 libxslt-1.1.45-0.1.hum1.src src...

CLSA-2026-1776764746 libxslt: Fix of CVE-2021-30560

CVE-2021-30560: fix use-after-free in xsltApplyTemplates...

CLSA-2026-1776443255 libxslt: Fix of CVE-2023-40403

CVE-2023-40403: make generate-id deterministic to prevent memory layout leak...