Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-7424

A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.

Published

2025-07-10T14:15:27.573

Last Modified

2025-08-27T18:00:52.190

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-843

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	xmlsoft	libxslt	-	Yes
Application	redhat	openshift_container_platform	4.0	Yes
Operating System	redhat	enterprise_linux	6.0	Yes
Operating System	redhat	enterprise_linux	7.0	Yes
Operating System	redhat	enterprise_linux	8.0	Yes
Operating System	redhat	enterprise_linux	9.0	Yes
Operating System	redhat	enterprise_linux	10.0	Yes

References

https://access.redhat.com/security/cve/CVE-2025-7424 Third Party Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2379228 Issue Tracking, Third Party Advisory ([email protected])