Vulnerability details: VCID-95x4-hka7-67eu
Vulnerability ID VCID-95x4-hka7-67eu
Aliases CVE-2025-24855
Summary numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
Weaknesses (1)
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json
https://api.first.org/data/v1/epss?cve=CVE-2025-24855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24855
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
1100566 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100566
2352483 https://bugzilla.redhat.com/show_bug.cgi?id=2352483
RHSA-2025:3107 https://access.redhat.com/errata/RHSA-2025:3107
RHSA-2025:3389 https://access.redhat.com/errata/RHSA-2025:3389
RHSA-2025:3528 https://access.redhat.com/errata/RHSA-2025:3528
RHSA-2025:3612 https://access.redhat.com/errata/RHSA-2025:3612
RHSA-2025:3615 https://access.redhat.com/errata/RHSA-2025:3615
RHSA-2025:3619 https://access.redhat.com/errata/RHSA-2025:3619
RHSA-2025:3624 https://access.redhat.com/errata/RHSA-2025:3624
RHSA-2025:3625 https://access.redhat.com/errata/RHSA-2025:3625
RHSA-2025:3626 https://access.redhat.com/errata/RHSA-2025:3626
RHSA-2025:3627 https://access.redhat.com/errata/RHSA-2025:3627
RHSA-2025:4098 https://access.redhat.com/errata/RHSA-2025:4098
RHSA-2025:4422 https://access.redhat.com/errata/RHSA-2025:4422
RHSA-2025:4427 https://access.redhat.com/errata/RHSA-2025:4427
RHSA-2025:4431 https://access.redhat.com/errata/RHSA-2025:4431
RHSA-2025:4677 https://access.redhat.com/errata/RHSA-2025:4677
RHSA-2025:4731 https://access.redhat.com/errata/RHSA-2025:4731
RHSA-2025:7496 https://access.redhat.com/errata/RHSA-2025:7496
RHSA-2025:7702 https://access.redhat.com/errata/RHSA-2025:7702
RHSA-2025:8303 https://access.redhat.com/errata/RHSA-2025:8303
USN-7361-1 https://usn.ubuntu.com/7361-1/
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-24855.json
Attack Vector (AV): local; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): changed; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): high

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV): local; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): changed; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): high

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H Found at https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
Attack Vector (AV): local; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): changed; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): high

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-14T19:00:57Z/ Found at https://gitlab.gnome.org/GNOME/libxslt/-/issues/128
Exploit Prediction Scoring System (EPSS)
Percentile 0.00293
EPSS Score 6e-05
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:36:40.065452+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.18/main.json 37.0.0