Wiz
Vulnerability DatabaseCVE-2025-11731

CVE-2025-11731
Linux Debian vulnerability analysis and mitigation

Overview

CVE-2025-11731 is a type confusion vulnerability discovered in the libxslt library, specifically affecting the exsltFuncResultComp() function which handles EXSLT elements during stylesheet parsing. The vulnerability was disclosed on October 14, 2025, and affects the libxslt package across multiple platforms. The issue has been assigned a CVSS v3.1 base score of 3.1 (Low severity) (NVD, Red Hat).

Technical details

The vulnerability (CWE-843) occurs in the exsltFuncResultComp() function when it improperly handles type verification during XML document node processing. The function may incorrectly treat an XML document node as a regular XML element node, leading to type confusion. This results in unexpected memory reads from incorrect addresses. The vulnerability requires network access and user interaction, with high attack complexity as indicated by the CVSS vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L (Red Hat).

Impact

The primary impact of this vulnerability is potential application instability and denial-of-service conditions. While the vulnerability can cause unexpected memory reads and crashes, there is no evidence of data corruption or code execution capabilities. The Red Hat Product Security team has rated this as Low severity, noting that exploitation only results in crashes and requires processing specially crafted XSL stylesheets (Red Hat).

Mitigation and workarounds

Currently, there are no fixed versions available for affected platforms. Red Hat has indicated that mitigation options are either not available or do not meet their Product Security criteria for ease of use, applicability to widespread installation base, or stability. The fix status is marked as 'deferred' for multiple Red Hat Enterprise Linux versions (6, 7, 8, 9, 10) and Red Hat OpenShift Container Platform 4 (Red Hat).

Community reactions

The vulnerability was reported by Google Big Sleep to Red Hat. The Red Hat Product Security team has assessed and classified this as a Low severity issue, emphasizing that while exploitation can cause crashes, it requires specific conditions and does not lead to data corruption or code execution (Red Hat).

Additional resources

SourceThis report was generated using AI

Related Linux Debian vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-59030HIGH7.5
  • Linux DebianLinux Debian
  • pdns-recursor
NoYesDec 09, 2025
CVE-2025-59029MEDIUM5.3
  • Linux DebianLinux Debian
  • pdns-recursor
NoYesDec 09, 2025
CVE-2025-40344N/AN/A
  • Linux KernelLinux Kernel
  • kernel-debug-modules-internal
NoYesDec 09, 2025
CVE-2025-40343N/AN/A
  • Linux KernelLinux Kernel
  • kernel-64k-debug-devel
NoYesDec 09, 2025
CVE-2025-40342N/AN/A
  • Linux KernelLinux Kernel
  • kernel-64k-debug-devel-matched
NoYesDec 09, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo