54 matches found

Tenable Nessus
added yesterday · 4 views

EulerOS Virtualization 2.10.1 : libxslt (EulerOS-SA-2026-2029)

According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...

CVSS 5.5 · AI score 5.8 · EPSS 0.00019
Exploits 0 · References 2

Tenable Nessus
added 2026/05/11 12:00 a.m. · 6 views

Ubuntu 16.04 LTS / 18.04 LTS : HtmlUnit vulnerability (USN-8220-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8220-1 advisory. It was discovered that HtmlUnit was vulnerable to remote code execution via XSLT when browsing an attacker-controlled webpage. An attacker could...

CVSS 9.8 · AI score 8 · EPSS 0.05143
Exploits 1 · References 2

CVE
added 2026/02/03 1:24 a.m. · 15 views

CVE-2025-67484

MediaWiki vulnerability CVE-2025-67484 affects MediaWiki versions before 1.39.16, 1.43.6, 1.44.3, and 1.45.1. The issue is tied to the Action API xslt option, enabling JavaScript execution by administrators who are not interface administrators; the xslt option is now disabled by default and can b...

CVSS 9.8 · AI score 5.2 · EPSS 0.00037
Exploits 0 · References 1 · Affected Software 1

GithubExploit
added 2026/01/04 8:47 p.m. · 139 views

XLST-XML-PAYLOAD-GENERATOR

XLST-XML-PAYLOAD-GENERATOR This project is a...

AI score 8.6
Exploits 0

Tenable Nessus
added 2025/10/27 12:00 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2024-31573

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XS...

CVSS 4 · AI score 7.6 · EPSS 0.00036
Exploits 0 · References 2

OSV
added 2025/10/17 7:15 p.m. · 1 view

CVE-2024-31573

XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet used for an XSLT transformation, because XSLT extension functions are enabled...

CVSS 4 · AI score 7.7
Exploits 0 · References 3

Rockylinux
added 2025/10/04 12:11 a.m. · 6 views

libxslt security update

An update is available for libxslt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. libxslt is a library for transforming XML files into other textual formats...

CVSS 7.8 · AI score 7.3 · EPSS 0.00104
Exploits 3

Redos
added 2025/08/22 12:00 a.m. · 3 views

ROS-20250822-14

A vulnerability in a library for XSLT conversion of XML documents to other formats is related to a type confusion bug in xmlNode.psvi. Exploitation of the vulnerability could allow an attacker to execute arbitrary code on the target system...

CVSS 7.5 · AI score 7 · EPSS 0.00374
Exploits 0

RedHat Linux
added 2025/08/11 5:31 p.m. · 3 views

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

CVSS 8.1 · AI score 7.3 · EPSS 0.00323
Exploits 0 · References 6

RedHat Linux
added 2025/08/11 5:30 p.m. · 4 views

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

CVSS 8.1 · AI score 7.3 · EPSS 0.00323
Exploits 0 · References 6

Tenable Nessus
added 2025/08/11 12:00 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-38503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the...

CVSS 10 · AI score 8.2 · EPSS 0.01079
Exploits 0 · References 2

RedHat Linux
added 2025/07/31 7:52 a.m. · 4 views

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

CVSS 8.1 · AI score 7.3 · EPSS 0.00323
Exploits 0 · References 6

RedHat Linux
added 2025/07/29 8:09 a.m. · 4 views

firefox: thunderbird: XSLT documents could bypass CSP

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: XSLT document loading incorrectly propagates the source document which bypassed its CSP...

CVSS 8.1 · AI score 7.3 · EPSS 0.00323
Exploits 0 · References 6

ATTACKERKB
added 2025/07/22 8:49 p.m. · 3 views

CVE-2025-8032

XSLT document loading did not correctly propagate the source document which bypassed its CSP. This vulnerability was fixed in Firefox 141, Firefox ESR 128.13, Firefox ESR 140.1, Thunderbird 141, Thunderbird 128.13, and Thunderbird 140.1...

CVSS 8.1 · AI score 5.8 · EPSS 0.00323
Exploits 0 · References 8

RedHat Linux
added 2025/04/03 10:10 a.m. · 4 views

firefox: thunderbird: Use-after-free triggered by XSLTProcessor

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: JavaScript code running while transforming a document with the XSLTProcessor could lead to a use-after-free...

CVSS 6.5 · AI score 6.8 · EPSS 0.00127
Exploits 1 · References 10

Packet Storm News
added 2025/03/06 12:00 a.m. · 2 views

Firefox txMozillaXSLTProcessor Use-After-Free

There is a use-after-free vulnerability in Firefox in txMozillaXSLTProcessor. The vulnerability was reproduced with an ASAN build from the latest source code...

CVSS 9.8 · AI score 8.7 · EPSS 0.00799
Exploits 0

RedHat Linux
added 2025/02/11 9:57 a.m. · 2 views

firefox: thunderbird: Use-after-free in XSLT

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash...

CVSS 9.8 · AI score 7.3 · EPSS 0.00799
Exploits 0 · References 10

RedHat Linux
added 2025/02/10 1:29 a.m. · 4 views

firefox: thunderbird: Use-after-free in XSLT

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash...

CVSS 9.8 · AI score 7.3 · EPSS 0.00799
Exploits 0 · References 10

CNNVD
added 2025/02/04 12:00 a.m. · 2 views

Mozilla Firefox Security Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 135, which stems from a use-after-free vulnerability in the XSLT module...

CVSS 9.8 · AI score 8.3 · EPSS 0.00799
Exploits 0 · References 7

Positive Technologies
added 2024/03/19 12:00 a.m. · 2 views

PT-2024-5337 · Apache · Apache Cxf

Name of the Vulnerable Software and Affected Versions: Apache CXF versions prior to 4.0.5; Apache CXF versions prior to 3.6.4; Apache CXF versions prior to 3.5.9. Description: A SSRF vulnerability in the WADL service description of Apache CXF allows an attacker to perform SSRF style attacks on REST...

CVSS 9.1 · AI score 7.6 · EPSS 0.00544
Exploits 0 · References 17