CVE-2025-24855 - XSLT/Use-After-Free
CVE ID : CVE-2025-24855 Published : March 14, 2025, 2:15 a.m. | 1 hour, 14 minutes ago Description : numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. Severity: 7.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-24855
Published : March 14, 2025, 2:15 a.m. | 1 hour, 14 minutes ago
Description : numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : March 14, 2025, 2:15 a.m. | 1 hour, 14 minutes ago
Description : numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
Severity: 7.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
