AZL-65406

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65406.json

JSON Data

https://api.test.osv.dev/v1/vulns/AZL-65406

Upstream

CVE-2025-7424

Published

2025-07-10T14:15:27Z

Modified

2026-04-01T05:20:33.024115Z

Summary

CVE-2025-7424 affecting package libxslt for versions less than 1.1.43-3

Details

A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-7424

Affected packages

Azure Linux:3 / libxslt

Package

Name: libxslt
Purl: pkg:rpm/azure-linux/libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.43-3

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65406.json"