Package details: pkg:deb/ubuntu/libxslt@1.1.28-2ubuntu0.1
purl: pkg:deb/ubuntu/libxslt@1.1.28-2ubuntu0.1
Next non-vulnerable version: 1.1.33-0ubuntu1.1
Latest non-vulnerable version: 1.1.33-0ubuntu1.1
Risk: 4.5
Vulnerabilities affecting this package (4)
Each "Fixed by" entry is an Ubuntu package version that closes that particular vulnerability; the count in parentheses is how many other vulnerabilities in this database still affect that fixing version, so a version with a non-zero count is not a clean upgrade target on its own.

Vulnerability: VCID-1px9-q7g4-aaan
Aliases: CVE-2019-11068, GHSA-qxcg-xjjg-66mj
Summary: libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.
Fixed by: 1.1.28-2ubuntu0.2 (affected by 14 other vulnerabilities); 1.1.29-5ubuntu0.1 (affected by 3 other vulnerabilities)

Vulnerability: VCID-2em3-ugp2-aaag
Aliases: CVE-2019-13117, GHSA-4hm9-844j-jmxp
Summary: In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to an uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.
Fixed by: 1.1.29-5ubuntu0.2 (affected by 1 other vulnerability)

Vulnerability: VCID-57tk-3v58-aaaj
Aliases: CVE-2019-13118, GHSA-cf46-6xxh-pc75
Summary: In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
Fixed by: 1.1.29-5ubuntu0.2 (affected by 1 other vulnerability)

Vulnerability: VCID-76fj-htxj-aaah
Aliases: CVE-2019-18197, GHSA-242x-7cm6-4w8j
Summary: In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
Fixed by: 1.1.33-0ubuntu1.1 (affected by 0 other vulnerabilities)
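The first entry above (CVE-2019-11068) is a three-valued access check whose callers only tested for the explicit "denied" result, so the error sentinel took the same path as "allowed". The C program below is an added illustration written for this page, not libxslt code: check_read is a mock with the same 1/0/-1 contract as xsltCheckRead (allowed, denied by policy, error), has_scheme is a mock stand-in for the URI parser, and the two load_document_* callers show the vulnerable test beside the fail-closed one. The three URIs are constructed inputs.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if `uri` starts with an RFC 3986-style scheme ("name:"),
 * otherwise 0. Mock stand-in for a real URI parser (assumption). */
static int has_scheme(const char *uri)
{
    const char *p = uri;
    if (!isalpha((unsigned char)*p))
        return 0;
    for (p++; *p; p++) {
        if (*p == ':')
            return 1;
        if (!isalnum((unsigned char)*p) && *p != '+' && *p != '-' && *p != '.')
            return 0;
    }
    return 0;
}

/* Mock access check with the same contract as xsltCheckRead:
 *   1 -> access allowed
 *   0 -> access denied by policy
 *  -1 -> error (here: the URI could not be parsed)
 * Policy for the illustration: local files are denied, anything else allowed. */
int check_read(const char *uri)
{
    if (!has_scheme(uri))
        return -1;
    if (strncmp(uri, "file:", 5) == 0)
        return 0;
    return 1;
}

/* Vulnerable caller pattern (the shape CVE-2019-11068 describes): only the
 * explicit "denied" result blocks the load, so -1 falls through and the
 * document is fetched. Returns 1 if the load would proceed, 0 if blocked. */
int load_document_vulnerable(const char *uri)
{
    int ret = check_read(uri);
    if (ret == 0) {
        fprintf(stderr, "read rights for %s denied\n", uri);
        return 0;
    }
    /* ... the document would be fetched here ... */
    return 1;
}

/* Hardened caller: any non-positive result blocks the load (fail closed). */
int load_document_hardened(const char *uri)
{
    int ret = check_read(uri);
    if (ret <= 0) {
        fprintf(stderr, "read rights for %s %s\n", uri,
                ret == 0 ? "denied" : "could not be checked");
        return 0;
    }
    return 1;
}

int main(void)
{
    /* Constructed inputs. The third has no parsable scheme, so the check
     * returns -1; a loader more lenient than the parser would still resolve
     * it, which is the gap the advisory describes. */
    const char *uris[] = { "http://example.test/a.xml", "file:///etc/passwd",
                           "no scheme here" };
    for (size_t i = 0; i < 3; i++)
        printf("%-28s check=%2d vulnerable=%d hardened=%d\n", uris[i],
               check_read(uris[i]), load_document_vulnerable(uris[i]),
               load_document_hardened(uris[i]));
    return 0;
}
```

The check to apply to your own code is the general one: wherever a tri-state check (allowed/denied/error) is consumed with `== 0` instead of `<= 0`, the error path is reachable as "allowed", and in libxslt that path was reachable from attacker-controlled stylesheet input because the URI parser and the loader disagreed about what counts as valid.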
Vulnerabilities fixed by this package (11)
Vulnerability: VCID-4fur-vgev-aaam
Aliases: CVE-2016-4607
Summary: libxslt: allows remote attacker to cause denial of service

Vulnerability: VCID-9y6t-uz46-aaad
Aliases: CVE-2017-5029, GHSA-pf6m-fxpq-fg8v
Summary: The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android, lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

Vulnerability: VCID-djhy-s45g-aaag
Aliases: CVE-2016-4608
Summary: libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4609, CVE-2016-4610, and CVE-2016-4612.

Vulnerability: VCID-f6zu-7z5w-aaaa
Aliases: CVE-2016-4738
Summary: libxslt in Apple iOS before 10, OS X before 10.12, tvOS before 10, and watchOS before 3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Vulnerability: VCID-npvt-67he-aaap
Aliases: CVE-2016-4612
Summary: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-1683. Reason: This candidate is a reservation duplicate of CVE-2016-1683. Notes: All CVE users should reference CVE-2016-1683 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Vulnerability: VCID-qhdd-7fbe-aaas
Aliases: CVE-2016-1683
Summary: Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119). nokogiri mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. This summary is taken from the nokogiri advisory; the underlying flaw is in libxslt, which nokogiri bundles, which is why the CVE is listed against this package.

Vulnerability: VCID-rkez-c67z-aaad
Aliases: CVE-2016-1684
Summary: numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which allows remote attackers to cause a denial of service (integer overflow or resource consumption) or possibly have unspecified other impact via a crafted document.

Vulnerability: VCID-varh-rmu4-aaas
Aliases: CVE-2016-4610
Summary: libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, and CVE-2016-4612.

Vulnerability: VCID-vuye-qs4u-aaah
Aliases: CVE-2016-1841
Summary: libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Vulnerability: VCID-wbqx-f1r4-aaag
Aliases: CVE-2015-7995
Summary: The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

Vulnerability: VCID-xw2b-ftxm-aaar
Aliases: CVE-2016-4609
Summary: libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, and CVE-2016-4612.
