- Description
- numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.
- Source
- cve@mitre.org
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.8
- Exploitability score
- 1.4
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H
- Severity
- HIGH
- cve@mitre.org
- CWE-416
- Hype score
- Not currently trending
CVE-2025-24855 (CVSS:7.8, HIGH) is Awaiting Analysis. numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can ..https://t.co/nq0eL3MCex #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
19 Mar 2025
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-24855 🔴 HIGH (7.8) 🏢 xmlsoft - libxslt 🏗️ 0 🔗 https://t.co/Wmu9IigWGv #CyberCron #VulnAlert #InfoSec https://t.co/x20LaUMLlx
@cybercronai
14 Mar 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24855 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is relate… https://t.co/SniYzYjba6
@CVEnew
14 Mar 2025
335 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes