Critical: Three Unpatched Security Vulnerabilities Found in libxslt

2025-08-29

libxslt, a sibling project of libxml2, currently has no active maintainer and carries three unpatched security vulnerabilities. Two are publicly disclosed, CVE-2025-7424 and CVE-2025-7425, a type confusion and a heap memory-corruption bug respectively; the third has not been disclosed. Fixes have been proposed by engineers from Apple and Google as merge requests on the GNOME GitLab, but with nobody to review and merge them they remain unapplied, so no fixed upstream release exists. Any application that processes attacker-supplied XML or XSLT through libxslt is exposed until the patches land or distributions backport them, and the situation is a reminder of how much software depends on the continued maintenance of a small number of open-source libraries.
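Until fixed packages are available, the practical first step is to know what on a host actually depends on libxslt. The script below is an added example, not part of the original advisory or of the libxslt project: it parses `readelf -d` output for `NEEDED` entries naming libxslt or libexslt, reports the installed version via `pkg-config` or `xslt-config` where present, and walks directories you name. It assumes a Linux host with binutils (`readelf`); the sample dynamic-section text it runs on when given no arguments is constructed for illustration. It deliberately avoids `ldd`, which can execute code from the inspected binary, so it only sees direct dependencies; vendored or statically linked copies of libxslt (and scripting-language bindings that load it at runtime) are not found this way.

```sh
#!/bin/sh
# Added example (not from the original advisory or from libxslt): find which
# ELF binaries and shared objects on this host directly link libxslt/libexslt.
# Uses readelf rather than ldd because ldd may run the binary's loader code.

# Read `readelf -d` output on stdin and print each NEEDED soname that is
# libxslt or libexslt, one per line (e.g. "libxslt.so.1").
libxslt_needed_from_readelf() {
    sed -nE 's/.*\(NEEDED\).*\[(lib(e)?xslt\.so[^]]*)\].*/\1/p'
}

# Exit 0 if FILE directly links libxslt or libexslt, 1 otherwise.
links_libxslt() {
    readelf -d "$1" 2>/dev/null | libxslt_needed_from_readelf | grep -q .
}

# Print the installed libxslt version, or "unknown" if no tool can report it.
libxslt_version() {
    pkg-config --modversion libxslt 2>/dev/null \
        || xslt-config --version 2>/dev/null \
        || echo unknown
}

# Walk the given directories; print "<path>\t<sonames>" for every executable
# or shared object whose dynamic section names libxslt/libexslt.
scan_for_libxslt() {
    for dir in "$@"; do
        find "$dir" -type f \( -perm -u+x -o -name '*.so*' \) 2>/dev/null |
        while IFS= read -r f; do
            if links_libxslt "$f"; then
                printf '%s\t%s\n' "$f" \
                    "$(readelf -d "$f" 2>/dev/null | libxslt_needed_from_readelf | tr '\n' ' ')"
            fi
        done
    done
}

# Constructed sample of a `readelf -d` dynamic section (not a real binary),
# used only to demonstrate the parser when the script is run without arguments.
sample_dynamic_section=' 0x0000000000000001 (NEEDED)             Shared library: [libxslt.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libxml2.so.2]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]'

# Usage: sh libxslt_inventory.sh /usr/bin /usr/lib /usr/local
if [ "$#" -gt 0 ]; then
    echo "installed libxslt: $(libxslt_version)"
    scan_for_libxslt "$@"
else
    echo "no directories given; parsing the constructed sample instead:"
    printf '%s\n' "$sample_dynamic_section" | libxslt_needed_from_readelf
fi
```

Run it against the directories that hold your service binaries and language runtimes; anything it lists is in scope for mitigation (restrict untrusted stylesheet input, sandbox the process, or pin a distribution build that carries the backported patches once one exists).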
