{"id":"CVE-2025-7425","details":"A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.","modified":"2026-04-21T18:42:02.759002034Z","published":"2025-07-10T14:15:27.877Z","related":["ALSA-2025:12447","ALSA-2025:12450","SUSE-SU-2025:02547-1","SUSE-SU-2025:02617-1","SUSE-SU-2025:02620-1","SUSE-SU-2025:02621-1","SUSE-SU-2025:02758-1","SUSE-SU-2025:20564-1","SUSE-SU-2025:20607-1","openSUSE-SU-2025:15363-1"],"references":[{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/Jul/35"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/Jul/37"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/Aug/0"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/Jul/32"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2025-7425"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2025/Jul/30"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2025/07/11/2"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/09/msg00035.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13308"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13312"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12450"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13310"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13311"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13267"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:21885"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:21913"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14818"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14819"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:12447"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13464"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13622"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13309"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13335"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13313"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:13314"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379274"},{"type":"REPORT","url":"https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-7425.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H"}]}