VYPR

rpm package

suse/libxslt&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/libxslt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (3)

  • CVE-2025-11731LowOct 14, 2025
    affected < 1.1.28-17.21.1fixed 1.1.28-17.21.1

    A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This c

  • CVE-2025-24855Mar 14, 2025
    affected < 1.1.28-17.18.1fixed 1.1.28-17.18.1

    numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

  • CVE-2024-55549Mar 14, 2025
    affected < 1.1.28-17.18.1fixed 1.1.28-17.18.1

    xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.