VulnerableCode Package Details - pkg:deb/debian/libxslt@1.1.34-4%2Bdeb11u1

Search for packages

Vulnerability	Summary	Fixed by
VCID-aauj-xkdy-mbea Aliases: CVE-2025-7424	libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes	1.1.35-1+deb12u3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-gz4b-hjbg-pyfz Aliases: CVE-2025-10911	libxslt: use-after-free with key data stored cross-RVT	1.1.45-0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-jaep-1ut3-9qan Aliases: CVE-2025-24855	libxslt: Use-After-Free in libxslt numbers.c	1.1.35-1+deb12u3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-qpxw-q3mc-xfhz Aliases: CVE-2025-11731	libxslt: Type Confusion in exsltFuncResultCompfunction of libxslt	1.1.45-0.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-wdxa-4bjj-7fe5 Aliases: CVE-2023-40403	libxslt: Processing web content may disclose sensitive information	1.1.35-1+deb12u3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-z7hh-qpzy-c7b2 Aliases: CVE-2024-55549	libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)	1.1.35-1+deb12u3 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-aauj-xkdy-mbea
Aliases:
CVE-2025-7424

libxslt: Type confusion in xmlNode.psvi between stylesheet and source nodes

1.1.35-1+deb12u3
Affected by 2 other vulnerabilities.

VCID-gz4b-hjbg-pyfz
Aliases:
CVE-2025-10911

libxslt: use-after-free with key data stored cross-RVT

1.1.45-0.1
Affected by 1 other vulnerability.

VCID-jaep-1ut3-9qan
Aliases:
CVE-2025-24855

libxslt: Use-After-Free in libxslt numbers.c

1.1.35-1+deb12u3
Affected by 2 other vulnerabilities.

VCID-qpxw-q3mc-xfhz
Aliases:
CVE-2025-11731

libxslt: Type Confusion in exsltFuncResultCompfunction of libxslt

1.1.45-0.1
Affected by 1 other vulnerability.

VCID-wdxa-4bjj-7fe5
Aliases:
CVE-2023-40403

libxslt: Processing web content may disclose sensitive information

1.1.35-1+deb12u3
Affected by 2 other vulnerabilities.

VCID-z7hh-qpzy-c7b2
Aliases:
CVE-2024-55549

libxslt: Use-After-Free in libxslt (xsltGetInheritedNsList)

1.1.35-1+deb12u3
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-nxyn-eknv-tqbf	Use After Free Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	CVE-2021-30560 GHSA-59gp-qqm7-cw4j
VCID-sxp3-vtcq-pugw	Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. Nokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.	CVE-2019-18197 GHSA-242x-7cm6-4w8j
VCID-zwzs-qztz-wbfj	Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.	CVE-2019-5815 GHSA-vmfx-gcfq-wvm2

Vulnerability

Summary

Aliases

VCID-nxyn-eknv-tqbf

Use After Free Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-30560
GHSA-59gp-qqm7-cw4j

VCID-sxp3-vtcq-pugw

Nokogiri affected by libxslt Use of Uninitialized Resource/Use After Free vulnerability In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed. Nokogiri prior to version 1.10.5 contains a vulnerable version of libxslt. Nokogiri version 1.10.5 upgrades the dependency to libxslt 1.1.34, which contains a patch for this issue.

CVE-2019-18197
GHSA-242x-7cm6-4w8j

VCID-zwzs-qztz-wbfj

Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code.

CVE-2019-5815
GHSA-vmfx-gcfq-wvm2

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:14:34.015037+00:00	Debian Importer	Affected by	VCID-qpxw-q3mc-xfhz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:31:59.313100+00:00	Debian Importer	Affected by	VCID-gz4b-hjbg-pyfz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-15T23:35:34.467191+00:00	Debian Oval Importer	Affected by	VCID-wdxa-4bjj-7fe5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:50:42.180419+00:00	Debian Oval Importer	Affected by	VCID-aauj-xkdy-mbea	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:25:24.581531+00:00	Debian Oval Importer	Fixing	VCID-sxp3-vtcq-pugw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:10:39.097572+00:00	Debian Oval Importer	Fixing	VCID-nxyn-eknv-tqbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:21:06.549704+00:00	Debian Oval Importer	Affected by	VCID-jaep-1ut3-9qan	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:27:32.336855+00:00	Debian Oval Importer	Fixing	VCID-zwzs-qztz-wbfj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:16:20.617422+00:00	Debian Oval Importer	Affected by	VCID-z7hh-qpzy-c7b2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T09:07:06.222039+00:00	Debian Importer	Affected by	VCID-qpxw-q3mc-xfhz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T23:10:33.427285+00:00	Debian Oval Importer	Affected by	VCID-wdxa-4bjj-7fe5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:29:12.377920+00:00	Debian Oval Importer	Affected by	VCID-aauj-xkdy-mbea	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:04:46.579161+00:00	Debian Oval Importer	Fixing	VCID-sxp3-vtcq-pugw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:21:23.263478+00:00	Debian Importer	Affected by	VCID-gz4b-hjbg-pyfz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:56:07.800386+00:00	Debian Oval Importer	Fixing	VCID-nxyn-eknv-tqbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:07:33.915381+00:00	Debian Oval Importer	Affected by	VCID-jaep-1ut3-9qan	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:14:43.297666+00:00	Debian Oval Importer	Fixing	VCID-zwzs-qztz-wbfj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:03:40.789108+00:00	Debian Oval Importer	Affected by	VCID-z7hh-qpzy-c7b2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T22:44:14.542193+00:00	Debian Oval Importer	Affected by	VCID-wdxa-4bjj-7fe5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:07:35.347327+00:00	Debian Oval Importer	Affected by	VCID-aauj-xkdy-mbea	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:43:57.031048+00:00	Debian Oval Importer	Fixing	VCID-sxp3-vtcq-pugw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:03:51.641399+00:00	Debian Importer	Affected by	VCID-qpxw-q3mc-xfhz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T17:42:56.323309+00:00	Debian Oval Importer	Fixing	VCID-nxyn-eknv-tqbf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:56:44.587538+00:00	Debian Oval Importer	Affected by	VCID-jaep-1ut3-9qan	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:07:01.498071+00:00	Debian Oval Importer	Fixing	VCID-zwzs-qztz-wbfj	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:56:32.723252+00:00	Debian Oval Importer	Affected by	VCID-z7hh-qpzy-c7b2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-04T18:06:32.074269+00:00	Debian Importer	Affected by	VCID-gz4b-hjbg-pyfz	https://security-tracker.debian.org/tracker/data/json	38.1.0