ALSA-2025:3615

See a problem?
Please try reporting it to the source first.

Source

https://errata.almalinux.org/8/ALSA-2025-3615.html

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2025:3615.json

JSON Data

https://api.osv.dev/v1/vulns/ALSA-2025:3615

Related

Published

2025-04-07T00:00:00Z

Modified

2025-04-07T12:05:03Z

Summary

Important: libxslt security update

Details

libxslt is a library for transforming XML files into other textual formats (including HTML, plain text, and other XML representations of the underlying data) using the standard XSLT stylesheet transformation mechanism.

Security Fix(es):

libxslt: Use-After-Free in libxslt numbers.c (CVE-2025-24855)
libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList) (CVE-2024-55549)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / libxslt

Package

Name: libxslt
Purl: pkg:rpm/almalinux/libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.32-6.1.el8_10

AlmaLinux:8 / libxslt-devel

Package

Name: libxslt-devel
Purl: pkg:rpm/almalinux/libxslt-devel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.1.32-6.1.el8_10