High severity7.5NVD Advisory· Published Jul 10, 2025· Updated Apr 27, 2026
CVE-2025-7424
CVE-2025-7424
Description
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.
Affected products
7- cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- access.redhat.com/security/cve/CVE-2025-7424nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- seclists.org/fulldisclosure/2025/Aug/0nvd
- seclists.org/fulldisclosure/2025/Jul/30nvd
- seclists.org/fulldisclosure/2025/Jul/32nvd
- seclists.org/fulldisclosure/2025/Jul/33nvd
- seclists.org/fulldisclosure/2025/Jul/35nvd
- seclists.org/fulldisclosure/2025/Jul/37nvd
- www.openwall.com/lists/oss-security/2025/07/11/2nvd
- access.redhat.com/errata/RHBA-2025:12345nvd
- access.redhat.com/errata/RHSA-2026:11015nvd
- gitlab.gnome.org/GNOME/libxslt/-/issues/139nvd
- lists.debian.org/debian-lts-announce/2025/09/msg00024.htmlnvd
News mentions
0No linked articles in our index yet.