2 matches found
CVE-2025-7425
CVE-2025-7425 is a heap-use-after-free in libxslt/libxml2 caused by atype corruption that can lead to memory mismanagement when XSLT processing yields tree fragments (e.g., key()). Connected advisories confirm libxml2/libxslt impact and provide patched releases (e.g., libxml2 2.10.4-10 and newer,...
CVE-2012-2870
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service application crash via a crafted XSLT expression that is not properly identified during XPath navigation, related to 1 the...