52 matches found
JLSEC-2026-582 xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion...
xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...
libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...
BIT-JAVA-2025-24855
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...
libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c
A flaw was found in libxstl/libxml2. The 'exsltDynMapFunction' function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling 'dyn:map', leading to stack exhaustion and a local denial of service...
libxslt: Processing web content may disclose sensitive information
A flaw was found in libxslt package. Processing web content may disclose sensitive information. This issue was addressed with improved memory handling...
OESA-2026-1727 libxslt security update
Libxslt is the XSLT C library developed for the GNOME project Security Fixes: A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT func:result elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regula...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.56 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
Linux Distros Unpatched Vulnerability : CVE-2025-11731
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the...
EUVD-2013-5306
Malware in sbrugna...
Libxslt 安全漏洞
Libxslt is a Libxslt open source XSLT C library developed for the GNOME project. A security vulnerability exists in Libxslt that stems from a post-release reuse issue when parsing xsl nodes, which could lead to dereferencing of expired pointers and application crashes...
AZL-58644 CVE-2025-24855 affecting package libxslt for versions less than 1.1.34-8
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal...
ALPINE-CVE-2024-55549
xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes...
Libxslt 资源管理错误漏洞
Libxslt is a Libxslt open source XSLT C library developed for the GNOME project. A security vulnerability exists in versions of Libxslt prior to 1.1.43 that stems from a post-release reuse issue...
OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...
Security Bulletin: IBM Operational Decision Manager August 2023 - Multiple CVEs addressed
Summary IBM Operational Decision Manager is vulnerable to multiple remote code execution and denial of service attacks in third party and open source used in the product for various functions. See full list below. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2022-2047...
Advisory ROSA-SA-2023-2138
Software: java-11-openjdk 11.0.18.0.10-1 OS: rosa-server79 packageevrstring: 11.0.18.0.10-1 CVE-ID: CVE-2022-21434 BDU-ID: 2022-02839 CVE-Crit: MEDIUM CVE-DESC: A vulnerability exists in the Libraries component of the Libraries component of Oracle GraalVM Enterprise Edition virtual machine due to...
K42795243: Apache Xalan Java Library vulnerability CVE-2022-34169
Security Advisory Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Jav...
SUSE CVE-2013-5466
The XSLT library in IBM DB2 and DB2 Connect 9.5 through 10.5, and the DB2 pureScale Feature 9.8 for Enterprise Server Edition, allows remote authenticated users to cause a denial of service via unspecified vectors...
Security Bulletin: IBM API Connect is impacted by a vulnerability in Apache Xalan Java XSLT library (CVE-2022-34169)
Summary IBM API Connect is impacted by a vulnerability in Apache Xalan Java XSLT library. IBM API Connect has addressed the vulnerability in CVE-2022-34169. Vulnerability Details CVEID:CVE-2022-34169 DESCRIPTION: The Apache Xalan Java XSLT library could allow a remote attacker to execute arbitrar...
EulerOS 2.0 SP5 : java-1.8.0-openjdk (EulerOS-SA-2022-2440)
According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...