Xmlsoft Libxslt vulnerabilities
34 known vulnerabilities affecting xmlsoft/libxslt.
Total CVEs: 34
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 13, MEDIUM 15, LOW 1
Vulnerabilities
CVE-2023-40403 [MEDIUM, CVSS 6.5, priority P4]
Affected: ≥ 0, < 1.1.34-4+deb11u3; ≥ 0, < 1.1.35-1+deb12u2; +2 more
Published: 2023-09-27
Sources: OSV
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information.

CVE-2019-13118 [MEDIUM, CVSS 5.3, priority P4, CWE-843]
Affected: v1.1.33
Published: 2019-07-01
Sources: NVD, OSV
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

CVE-2012-2871 [MEDIUM, CVSS 6.8, priority P4]
Affected: ≥ 0, < 1.1.26-14
Published: 2012-08-31
Sources: OSV
libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable during handling of XSL transforms, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document, related to the _xmlNs data structure in include/libxml/tree.h.

CVE-2015-9019 [MEDIUM, CVSS 5.3, priority P4, CWE-330]
Affected: ≤ 1.1.29
Published: 2017-04-05
Sources: NVD
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.

CVE-2012-2893 [MEDIUM, CVSS 6.8, priority P4]
Affected: ≥ 0, < 1.1.26-14
Published: 2012-09-26
Sources: OSV
Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.

CVE-2015-7995 [MEDIUM, CVSS 5.0, priority P4]
Affected: ≤ 1.1.28
Published: 2015-11-17
Sources: NVD, OSV
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

CVE-2012-6139 [MEDIUM, CVSS 5.0, priority P4]
Affected: ≤ 1.1.27; v0.0.1; +75 more
Published: 2013-04-12
Sources: NVD, OSV
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via (1) an empty match attribute in an XSL key passed to the xsltAddKey function in keys.c or (2) an uninitialized variable in the xsltDocumentFunction function in functions.c.

CVE-2012-2825 [MEDIUM, CVSS 5.0, priority P4]
Affected: ≥ 0, < 1.1.26-13
Published: 2012-06-27
Sources: OSV
The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation) via unspecified vectors.

CVE-2011-1202 [MEDIUM, CVSS 4.3, priority P4, CWE-200]
Affected: ≤ 1.1.26
Published: 2011-03-11
Sources: NVD, OSV
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other products, allows remote attackers to obtain potentially sensitive information about heap memory addresses via an XML document containing a call to the XSLT generate-id XPath function.

CVE-2025-10911 [MEDIUM, CVSS 5.5, priority P4]
Affected: ≥ 0, < 1.1.43-0.3
Published: 2025-09-25
Sources: OSV
A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash.

CVE-2011-3970 [MEDIUM, CVSS 4.3, priority P4, CWE-125]
Affected: ≤ 1.1.26
Published: 2012-02-09
Sources: NVD, OSV
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.

CVE-2012-2870 [MEDIUM, CVSS 4.3, priority P4, CWE-399]
Affected: ≤ 1.1.26; v1.1.8; +16 more
Published: 2012-08-31
Sources: NVD, OSV
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remote attackers to cause a denial of service (application crash) via a crafted XSLT expression that is not properly identified during XPath navigation, related to (1) the xsltCompileLocationPathPattern function in libxslt/patte

CVE-2013-4520 [MEDIUM, CVSS 4.3, priority P4]
Affected: ≤ 1.1.24; v0.0.1; +72 more
Published: 2013-12-14
Sources: NVD
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embeds a DTD, which causes a structure to be accessed as a different type. NOTE: this issue is due to an incomplete fix for CVE-2012-2825.

CVE-2025-11731 [LOW, CVSS 3.1, priority P4]
Affected: ≥ 0, < 1.1.43-0.3
Published: 2025-10-14
Sources: OSV
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to