Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-x5dp-mdak-gker

Summary

libxslt is affected by a heap-based buffer overflow, possibly leading to
    the execution of arbitrary code.

Aliases

alias	CVE-2008-2935

Fixed_packages

url	pkg:deb/debian/libxslt@1.1.24-2?distro=trixie
purl	pkg:deb/debian/libxslt@1.1.24-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.24-2%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.24-2

purl pkg:deb/debian/libxslt@1.1.24-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.24-2

url pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.34-4%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/libxslt@1.1.35-1%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u2?distro=trixie

purl pkg:deb/debian/libxslt@1.1.35-1.2%2Bdeb13u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-gz4b-hjbg-pyfz

vulnerability	VCID-qpxw-q3mc-xfhz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.35-1.2%252Bdeb13u2%3Fdistro=trixie

url pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie

purl pkg:deb/debian/libxslt@1.1.45-0.1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-uzdd-8m94-wubv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.45-0.1%3Fdistro=trixie

url	pkg:ebuild/dev-libs/libxslt@1.1.24-r1
purl	pkg:ebuild/dev-libs/libxslt@1.1.24-r1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxslt@1.1.24-r1

Affected_packages

url pkg:deb/debian/libxslt@1.0.16-0.2

purl pkg:deb/debian/libxslt@1.0.16-0.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.0.16-0.2

url pkg:deb/debian/libxslt@1.1.12-8

purl pkg:deb/debian/libxslt@1.1.12-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.12-8

url pkg:deb/debian/libxslt@1.1.19-1

purl pkg:deb/debian/libxslt@1.1.19-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.19-1

url pkg:deb/debian/libxslt@1.1.19-3

purl pkg:deb/debian/libxslt@1.1.19-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-28f2-6usv-zuc1

vulnerability	VCID-3f2w-tgya-x3cc

vulnerability	VCID-5nuu-a7bc-jke4

vulnerability	VCID-5uqv-dm9p-c7c6

vulnerability	VCID-6ss1-s8fx-vqd7

vulnerability	VCID-8a69-3km5-nfgs

vulnerability	VCID-96v6-vs1m-skf3

vulnerability	VCID-9jk3-t3bn-4fgg

vulnerability	VCID-aauj-xkdy-mbea

vulnerability	VCID-bg26-kj9r-7bea

vulnerability	VCID-e7am-z8tv-47hj

vulnerability	VCID-ht3y-d2qq-cyf2

vulnerability	VCID-jaep-1ut3-9qan

vulnerability	VCID-krjm-wk6b-akgk

vulnerability	VCID-m4cf-2dcq-uyaj

vulnerability	VCID-nxyn-eknv-tqbf

vulnerability	VCID-sxp3-vtcq-pugw

vulnerability	VCID-tdt5-asvh-ryaa

vulnerability	VCID-tp6g-d1wh-ffba

vulnerability	VCID-txm2-sdc1-7uch

vulnerability	VCID-wdxa-4bjj-7fe5

vulnerability	VCID-wksj-tx4y-cye7

vulnerability	VCID-x5dp-mdak-gker

vulnerability	VCID-yqpr-6kdc-hqbu

vulnerability	VCID-yx1j-ja6q-1qaf

vulnerability	VCID-z7hh-qpzy-c7b2

vulnerability	VCID-zkk5-v65p-zfag

vulnerability	VCID-zwzs-qztz-wbfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxslt@1.1.19-3

url pkg:ebuild/dev-libs/libxslt@1.1.8

purl pkg:ebuild/dev-libs/libxslt@1.1.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-x5dp-mdak-gker

resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-libs/libxslt@1.1.8

url pkg:rpm/redhat/libxslt@1.1.11-1.el4_7?arch=2

purl pkg:rpm/redhat/libxslt@1.1.11-1.el4_7?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-x5dp-mdak-gker

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libxslt@1.1.11-1.el4_7%3Farch=2

url pkg:rpm/redhat/libxslt@1.1.17-2.el5_2?arch=2

purl pkg:rpm/redhat/libxslt@1.1.17-2.el5_2?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-x5dp-mdak-gker

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libxslt@1.1.17-2.el5_2%3Farch=2

References

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2935.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2935

reference_id

reference_type

scores

value	0.22141
scoring_system	epss
scoring_elements	0.95805
published_at	2026-04-16T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95759
published_at	2026-04-01T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95768
published_at	2026-04-02T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95776
published_at	2026-04-04T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95779
published_at	2026-04-07T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95787
published_at	2026-04-08T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.9579
published_at	2026-04-09T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95794
published_at	2026-04-12T12:55:00Z

value	0.22141
scoring_system	epss
scoring_elements	0.95795
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2935

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2935

reference_url	http://secunia.com/advisories/31230
reference_id
reference_type
scores
url	http://secunia.com/advisories/31230

reference_url	http://secunia.com/advisories/31310
reference_id
reference_type
scores
url	http://secunia.com/advisories/31310

reference_url	http://secunia.com/advisories/31331
reference_id
reference_type
scores
url	http://secunia.com/advisories/31331

reference_url	http://secunia.com/advisories/31363
reference_id
reference_type
scores
url	http://secunia.com/advisories/31363

reference_url	http://secunia.com/advisories/31395
reference_id
reference_type
scores
url	http://secunia.com/advisories/31395

reference_url	http://secunia.com/advisories/31399
reference_id
reference_type
scores
url	http://secunia.com/advisories/31399

reference_url	http://secunia.com/advisories/32453
reference_id
reference_type
scores
url	http://secunia.com/advisories/32453

reference_url	http://security.gentoo.org/glsa/glsa-200808-06.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-200808-06.xml

reference_url	http://securityreason.com/securityalert/4078
reference_id
reference_type
scores
url	http://securityreason.com/securityalert/4078

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44141
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/44141

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10827
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10827

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00092.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00092.html

reference_url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00118.html
reference_id
reference_type
scores
url	https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00118.html

reference_url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306
reference_id
reference_type
scores
url	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0306

reference_url	http://www.debian.org/security/2008/dsa-1624
reference_id
reference_type
scores
url	http://www.debian.org/security/2008/dsa-1624

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:160
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2008:160

reference_url	http://www.ocert.org/advisories/ocert-2008-009.html
reference_id
reference_type
scores
url	http://www.ocert.org/advisories/ocert-2008-009.html

reference_url	http://www.ocert.org/patches/exslt_crypt.patch
reference_id
reference_type
scores
url	http://www.ocert.org/patches/exslt_crypt.patch

reference_url	http://www.redhat.com/support/errata/RHSA-2008-0649.html
reference_id
reference_type
scores
url	http://www.redhat.com/support/errata/RHSA-2008-0649.html

reference_url	http://www.scary.beasts.org/security/CESA-2008-003.html
reference_id
reference_type
scores
url	http://www.scary.beasts.org/security/CESA-2008-003.html

reference_url	http://www.securityfocus.com/archive/1/494976/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/494976/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/495018/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/495018/100/0/threaded

reference_url	http://www.securityfocus.com/archive/1/497829/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/497829/100/0/threaded

reference_url	http://www.securityfocus.com/bid/30467
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30467

reference_url	http://www.securitytracker.com/id?1020596
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020596

reference_url	http://www.ubuntu.com/usn/usn-633-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/usn-633-1

reference_url	http://www.vupen.com/english/advisories/2008/2266/references
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2266/references

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=455848
reference_id	455848
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=455848

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493162
reference_id	493162
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493162

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.10:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.11:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.12:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.12:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.12:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.13:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.13:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.13:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.14:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.14:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.14:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.15:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.15:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.15:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.16:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.16:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.17:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.17:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.17:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.18:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.18:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.18:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.19:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.19:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.19:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.20:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.20:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.20:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.21:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.21:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.21:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.22:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.22:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.22:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.23:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.23:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.23:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.24:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.24:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.24:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.8:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.9:::::::*
reference_id	cpe:2.3:a:xmlsoft:libxslt:1.1.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xmlsoft:libxslt:1.1.9:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-2935

reference_id

CVE-2008-2935

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2008-2935

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32133.txt
reference_id	CVE-2008-2935;OSVDB-47544
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32133.txt

reference_url	https://www.securityfocus.com/bid/30467/info
reference_id	CVE-2008-2935;OSVDB-47544
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/30467/info

reference_url	https://security.gentoo.org/glsa/200808-06
reference_id	GLSA-200808-06
reference_type
scores
url	https://security.gentoo.org/glsa/200808-06

reference_url	https://access.redhat.com/errata/RHSA-2008:0649
reference_id	RHSA-2008:0649
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0649

reference_url	https://usn.ubuntu.com/633-1/
reference_id	USN-633-1
reference_type
scores
url	https://usn.ubuntu.com/633-1/

Weaknesses

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Exploits

date_added	2008-07-31
description	libxslt 1.1.x - RC4 Encryption and Decryption functions Buffer Overflow
required_action	`null`
due_date	`null`
notes	`null`
known_ransomware_campaign_use	`true`
source_date_published	2008-07-31
exploit_type	remote
platform	linux
source_date_updated	2014-03-12
data_source	Exploit-DB
source_url	https://www.securityfocus.com/bid/30467/info

Severity_range_score 7.5 - 7.5

Exploitability 2.0

Weighted_severity 6.8

Risk_score 10.0

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5dp-mdak-gker

Vulnerability Instance