CVE-2025-11731

NameCVE-2025-11731
DescriptionA flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to exploit, the flaw could lead to application instability or denial of service.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libxslt (PTS)bullseye1.1.34-4+deb11u1vulnerable
bullseye (security)1.1.34-4+deb11u3vulnerable
bookworm1.1.35-1+deb12u2vulnerable
bookworm (security)1.1.35-1+deb12u3vulnerable
trixie1.1.35-1.2+deb13u1vulnerable
trixie (security)1.1.35-1.2+deb13u2vulnerable
forky, sid1.1.43-0.2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libxsltsource(unstable)(unfixed)

Notes

https://gitlab.gnome.org/GNOME/libxslt/-/issues/151
Fixed by: https://gitlab.gnome.org/GNOME/libxslt/-/commit/fe508f201efb9ea37bfbe95413b8b28251497de3
Search for package or bug name: Reporting problems