PT-2025-11227 · Libxslt+13

Published: 2024-12-17 · Updated: 2026-05-08 · CVE-2025-24855
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions: libxslt versions prior to 1.1.43
Description: libxslt contains a use-after-free in numbers.c. During nested XPath evaluations the XPath context node is modified but never restored, so a subsequent evaluation can run against a stale context node. The affected code paths involve the functions xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
Recommendations: For versions prior to 1.1.43, update to version 1.1.43 or later to resolve the issue. As a temporary workaround until a patched version can be installed, restrict the use of nested XPath evaluations.
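The recommendation above reduces to a version threshold, 1.1.43. The following POSIX shell script is an added example, not part of the advisory and not code from the libxslt project: it compares an installed libxslt version against that threshold with a numeric per-component comparison (so 1.1.9 is correctly ordered below 1.1.43, which a plain string comparison gets wrong). The function names vercmp, libxslt_is_fixed and installed_libxslt_version are hypothetical, and the detection step assumes pkg-config or xslt-config is present on the host.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the advisory or libxslt).
# Fix threshold stated in the advisory: libxslt 1.1.43.
FIXED_VERSION="1.1.43"

# vercmp A B: compare two dotted version strings component by component.
# Prints -1 if A < B, 0 if equal, 1 if A > B. Non-numeric suffixes on a
# component (e.g. "43-1" from a distro package) are ignored.
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai="${a%%.*}"; bi="${b%%.*}"
    # drop the consumed component, or empty the string on the last one
    case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
    case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    # keep only the leading digits; missing components count as 0
    ai="${ai%%[!0-9]*}"; bi="${bi%%[!0-9]*}"
    ai="${ai:-0}"; bi="${bi:-0}"
    if [ "$ai" -lt "$bi" ]; then echo -1; return; fi
    if [ "$ai" -gt "$bi" ]; then echo 1; return; fi
  done
  echo 0
}

# libxslt_is_fixed VERSION: true (exit 0) when VERSION is 1.1.43 or later.
libxslt_is_fixed() {
  [ "$(vercmp "$1" "$FIXED_VERSION")" -ge 0 ]
}

# Best-effort detection of the installed upstream version string.
# Prints nothing when neither pkg-config nor xslt-config is available.
installed_libxslt_version() {
  if command -v pkg-config >/dev/null 2>&1 && pkg-config --exists libxslt 2>/dev/null; then
    pkg-config --modversion libxslt
  elif command -v xslt-config >/dev/null 2>&1; then
    xslt-config --version
  fi
}

# Stand-alone usage: report the installed version against the threshold.
v="$(installed_libxslt_version)"
if [ -z "$v" ]; then
  echo "libxslt not detected via pkg-config or xslt-config"
elif libxslt_is_fixed "$v"; then
  echo "libxslt $v: at or beyond $FIXED_VERSION"
else
  echo "libxslt $v: below $FIXED_VERSION, affected by CVE-2025-24855"
fi
```

A version string alone is not conclusive on distributions that backport fixes without changing the upstream version number; the vendor advisories listed under Related Identifiers (RHSA, USN, DSA, SUSE-SU and others) are the authoritative source for whether a given package build carries the fix, so treat a "below 1.1.43" result as a prompt to check the package changelog rather than as a confirmed finding.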

Fix

Weakness Enumeration: Use After Free

Related Identifiers

ALSA-2025:3107
ALSA-2025:3615
ALSA-2025:7496
ALT-PU-2025-13573
AZL-58644
AZL-58665
BDU:2025-03640
BIT-JAVA-2025-24855
BIT-JAVA-MIN-2025-24855
BIT-JRE-2025-24855
CESA-2025_3615
CVE-2025-24855
DLA-4089-1
DSA-5884-1
GHSA-MRXW-MXHJ-P664
INFSA-2025_3107
INFSA-2025_3615
MGASA-2025-0110
OESA-2025-1296
OPENSUSE-SU-2025:14894-1
OPENSUSE-SU-2025:15531-1
OPENSUSE-SU-2025_1003-1
OPENSUSE-SU-2025_1125-1
RHSA-2025:3107
RHSA-2025:3389
RHSA-2025:3528
RHSA-2025:3612
RHSA-2025:3615
RHSA-2025:3619
RHSA-2025:3624
RHSA-2025:3625
RHSA-2025:3626
RHSA-2025:3627
RHSA-2025:4098
RHSA-2025:7496
RHSA-2025_3107
RHSA-2025_3615
ROSA-SA-2025-2869
SUSE-SU-2025:1003-1
SUSE-SU-2025:1125-1
SUSE-SU-2025:1494-1
SUSE-SU-2025:20201-1
SUSE-SU-2025:20277-1
USN-7361-1
USN-7787-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Debian
Java Platform
Linux Mint
Apple macOS
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
libxslt