libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

A flaw was found in libxslt. This vulnerability allows an attacker to trigger a use-after-free issue by excluding result prefixes...

CBL Mariner 2.0 Security Update: cri-tools / moby-runc / runc (CVE-2024-45310)

The version of cri-tools / moby-runc / runc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45310 advisory. - runc is a CLI tool for spawning and running containers according to the OCI...

Security update for libxslt

This update for libxslt fixes the following issues: CVE-2023-40403: Fixed sensitive information disclosure during processing web content bsc1238591 CVE-2024-55549: Fixed use-after-free in xsltGetInheritedNsList bsc1239637 CVE-2025-24855: Fixed use-after-free in numbers.c bsc1239625 Patch...

cifs-utils 安全漏洞

cifs-utils is a toolkit from the individual developer Pavel Shilovsky. Provides utilities for managing CIFS network file system installations. A security vulnerability exists in cifs-utils that stems from the cifs.upcall program incorrectly invoking namespaces in a container environment, which...

Kubernetes ingress-nginx 输入验证错误漏洞

Ingress NGINX Controller is an open source portal controller that uses NGINX as a reverse proxy and load balancer. Ingress NGINX Controller suffers from a remote code execution vulnerability that can be exploited by an attacker to gain access to sensitive data such as credentials and keys across...

OESA-2025-1296 libxslt security update

Libxslt is the XSLT C library developed for the GNOME project Security Fixes: xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.CVE-2024-55549 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath...

SUSE CVE-2025-29781

The Bare Metal Operator BMO implements a Kubernetes API for managing bare metal hosts in Metal3. Baremetal Operator enables users to load Secret from arbitrary namespaces upon deployment of the namespace scoped Custom Resource BMCEventSubscription. Prior to versions 0.8.1 and 0.9.1, an adversary...

GO-2025-3530 Bare Metal Operator (BMO) can expose any secret from other namespaces via BMCEventSubscription CRD in github.com/metal3-io/baremetal-operator/apis

Bare Metal Operator BMO can expose any secret from other namespaces via BMCEventSubscription CRD in github.com/metal3-io/baremetal-operator/apis...

Linux kernel out-of-bounds write vulnerability (CNVD-2025-05383)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from an out-of-bounds write vulnerability that stems from multiple calls to dellink when deleting network namespaces, resulting in a corrupted list. Th...

SUSE CVE-2024-55549

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...

ALPINE-CVE-2024-55549

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...

Use After Free

Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Use After Free through the xsltGetInheritedNsList process. An attacker can manipulate memory and potentially execute arbitrary code by excluding result prefixes. Remediation...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free through the xsltGetInheritedNsList process. An attacker can manipulate memory and potentially execute arbitrary code by excluding result prefixes. Remediation Upgrade libxslt to version 1.1.43 or higher. References - GitH...

[slackware-security] libxslt

New libxslt packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxslt-1.1.43-i586-1slack15.0.txz: Upgraded. This update addresses some security issues. Fix use-after-free of XPath context node. F...