Description
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
Published: 2025-09-25
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service (application crash)
Action: Patch
AI Analysis

Impact

A use-after-free flaw exists in libxslt during the parsing of XSL nodes. When the library processes certain XSL input, it may dereference pointers that have already been freed, causing the application to crash. The vulnerability is classified as CWE-825 (Expired Pointer Dereference), a memory-management weakness. While the flaw is described as leading only to a crash, use-after-free bugs can potentially be leveraged for more serious failure modes if the memory corruption is exploited, although no evidence of such exploitation is provided.

Affected Systems

The flaw affects Red Hat Enterprise Linux releases 6 through 10, Red Hat Hardened Images, Red Hat OpenShift Container Platform 4, and the Hummingbird product. Any system that incorporates libxslt from the listed Red Hat packages is potentially vulnerable.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity. An EPSS score of less than 1% shows a very low likelihood of exploitation at this time. The vulnerability is not listed in CISA KEV. Likely attack vectors involve supplying malicious XSL input to an application that uses libxslt; such input could be delivered remotely or locally depending on the application's exposure. Because the flaw can cause a crash, it poses a denial-of-service risk to affected services. The overall risk is considered moderate and the exploitation probability low, but exposure remains wherever vulnerable components are deployed in environments that accept arbitrary XSL input.

Generated by OpenCVE AI on April 20, 2026 at 16:44 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Red Hat update that addresses the libxslt use‑after‑free issue. This will patch the memory‑management flaw and prevent the application crash.
  • Restart any services or containers that rely on libxslt after the update to ensure the patched libraries are loaded.
  • If an update is not immediately available, disable or remove any functionality that processes XSL input, or replace libxslt with a safer alternative in configuration or code to avoid using the vulnerable library.



Advisories

Source   ID                Title
EUVD     EUVD-2025-31128   A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
History

Mon, 13 Apr 2026 19:00:00 +0000

Type                  Values Removed   Values Added
First Time appeared                    Redhat hummingbird
CPEs                                   cpe:/a:redhat:hummingbird:1
Vendors & Products                     Redhat hummingbird

Mon, 29 Sep 2025 16:15:00 +0000

Type                  Values Removed   Values Added
Metrics                                ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Sep 2025 19:45:00 +0000

Type                  Values Removed   Values Added
References

Thu, 25 Sep 2025 15:30:00 +0000

Type                  Values Removed   Values Added
Description                            A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.
Title                                  Libxslt: use-after-free with key data stored cross-rvt
First Time appeared                    Redhat
                                       Redhat enterprise Linux
                                       Redhat openshift
Weaknesses                             CWE-825
CPEs                                   cpe:/a:redhat:openshift:4
                                       cpe:/o:redhat:enterprise_linux:10
                                       cpe:/o:redhat:enterprise_linux:6
                                       cpe:/o:redhat:enterprise_linux:7
                                       cpe:/o:redhat:enterprise_linux:8
                                       cpe:/o:redhat:enterprise_linux:9
Vendors & Products                     Redhat
                                       Redhat enterprise Linux
                                       Redhat openshift
References
Metrics                                cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-04-13T18:39:57.531Z

Reserved: 2025-09-24T12:45:24.913Z

Link: CVE-2025-10911

Vulnrichment

Updated: 2025-09-29T15:49:00.370Z

NVD

Status: Deferred

Published: 2025-09-25T16:15:31.337

Modified: 2026-04-15T00:35:42.020

Link: CVE-2025-10911

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-20T16:45:11Z

Weaknesses