CVE-2025-24855

ADVISORY - nist

Summary

numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal.

EPSS Score⁠: 0.00012 (0.013)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

ADVISORY - redhat

CWE-416⁠

Use After Free

Impacted images

Advisories

NIST

CREATED

10 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-24855⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

7.8high

Alpine

CREATED

10 months ago

UPDATED

1 day ago

ADVISORY IDCVE-2025-24855⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

10 months ago

UPDATED

12 days ago

ADVISORY IDCVE-2025-24855⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

10 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2025-24855⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8medium

Alma

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDALSA-2025:3107⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Alma

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDALSA-2025:3615⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDALAS-2025-1968⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDALAS2-2025-2823⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

10 months ago

UPDATED

9 months ago

ADVISORY IDALAS2023-2025-909⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

10 months ago

UPDATED

5 days ago

ADVISORY IDCVE-2025-24855⁠

EXPLOITABILITY SCORE

1.4

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

7.8high

Rocky

CREATED

6 months ago

UPDATED

6 months ago

ADVISORY IDRLSA-2025:3615⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Rocky

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDRLSA-2025:7496⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

10 months ago

UPDATED

10 months ago

ADVISORY IDELSA-2025-3107⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDELSA-2025-3612⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDELSA-2025-3615⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

8 months ago

UPDATED

8 months ago

ADVISORY IDELSA-2025-4098⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Oracle

CREATED

7 months ago

UPDATED

7 months ago

ADVISORY IDELSA-2025-7496⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-4r4m-x253-hhr9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

4 days ago

UPDATED

4 days ago

ADVISORY ID

CGA-gf4g-8xw3-xqpr

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-jcc3-4r8f-8mrr

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-jhx9-p2rx-7277

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

CGA-v52j-478r-mh2x

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Photon

CREATED

10 months ago

UPDATED

4 months ago

ADVISORY ID

CVE-2025-24855

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.8high

minimos

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY ID

MINI-cxrf-822r-3xjj

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY