Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes

July 10, 2025 invoker category_cve

CVE Details

Basic Information

Title Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
Type cve
Published 2025-07-10T14:05:41.808Z
Modified 2025-07-10T14:19:18.343Z

Product Information

Vendor Red Hat
Product Red Hat Enterprise Linux 10

CVSS Information

Base Score 7.8 (HIGH)
Attack Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H

AI Analysis

AI Description A type confusion vulnerability in the libxslt library can cause application crashes or memory corruption, potentially leading to denial of service.
AI Severity High
AI Vendor GNOME Foundation
AI Product libxslt

Additional Information

CWE List CWE-843
Source redhat

Description

A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.