Lucene search
Gentoo FoundationMGASA-2019-0313HistoryNov 02, 2019 - 7:54 p.m.
Updated libxslt packages fix security vulnerabilities
2019-11-0219:54:34
Gentoo Foundation
advisories.mageia.org
25
0.008 Low
EPSS
Percentile
81.5%
Updated libxslt package fixes security vulnerabilities: * In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character (CVE-2019-13117). * In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data (CVE-2019-13118). * In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn’t reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed (CVE-2019-18197).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 7 | noarch | libxslt | <Â 1.1.33-2.1 | libxslt-1.1.33-2.1.mga7 |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:1409-1)
2021-06-09 00:00:00
openSUSE: Security Advisory for libxslt (openSUSE-SU-2020:0731-1)
2020-05-29 00:00:00
Ubuntu: Security Advisory (USN-4164-1)
2019-10-23 00:00:00
nessus
nessus
SUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2020:1409-1)
2020-06-17 00:00:00
openSUSE Security Update : libxslt (openSUSE-2020-731)
2020-05-29 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : Libxslt vulnerabilities (USN-4164-1)
2019-10-23 00:00:00
ubuntu
ubuntu
Libxslt vulnerabilities
2019-10-22 00:00:00
suse
suse
Security update for libxslt (moderate)
2020-05-29 00:00:00
Security update for chromium (important)
2020-02-12 00:00:00
Security update for chromium, re2 (important)
2020-02-19 00:00:00
cloudfoundry
cloudfoundry
USN-4164-1: Libxslt vulnerabilities | Cloud Foundry
2019-11-06 00:00:00
rubygems
rubygems
Nokogiri gem, via libxslt, is affected by multiple vulnerabilities
2019-10-30 21:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libxslt-1.1.34-1.fc31
2020-03-18 02:23:20
[SECURITY] Fedora 31 Update: libxslt-1.1.33-4.fc31
2019-10-29 01:28:27
[SECURITY] Fedora 30 Update: libxslt-1.1.34-1.fc30
2020-03-26 09:48:01
f5
f5
K96300145 : C Library (SQLite & libxslt) vulnerabilities CVE-2019-16168 CVE-2019-13117 CVE-2019-13118
2020-01-31 00:00:00
K10812540 : OpenJDK vulnerability CVE-2019-18197
2022-10-06 00:00:00
osv
osv
libxslt - security update
2019-07-22 00:00:00
libxslt Type Confusion vulnerability that affects Nokogiri
2022-05-24 16:49:07
Uninitialized read in Nokogiri gem
2022-05-24 16:49:06
debian
debian
[SECURITY] [DLA 1860-1] libxslt security update
2019-07-22 16:17:07
[SECURITY] [DLA 1973-1] libxslt security update
2019-10-27 21:18:08
github
github
Uninitialized read in Nokogiri gem
2022-05-24 16:49:06
libxslt Type Confusion vulnerability that affects Nokogiri
2022-05-24 16:49:07
alpinelinux
alpinelinux
ubuntucve
ubuntucve
redhatcve
redhatcve
cve
cve
cvelist
cvelist
debiancve
debiancve
prion
prion
Buffer overflow
2019-10-18 21:15:00
Format string
2019-07-01 02:15:00
Design/Logic Flaw
2019-07-01 02:15:00
veracode
veracode
Denial Of Service (DoS)
2019-10-23 05:35:33
symantec
symantec
libxslt CVE-2019-13117 Information Disclosure Vulnerability
2019-07-10 00:00:00
libxslt CVE-2019-13118 Stack Buffer Overflow Vulnerability
2019-06-30 00:00:00
libxslt CVE-2019-18197 Arbitrary Code Execution Vulnerability
2019-10-18 00:00:00
photon
photon
amazon
amazon
Medium: libxslt
2020-12-16 20:31:00
Medium: libxslt
2020-10-22 18:26:00
Medium: libxslt
2021-01-12 22:51:00
ibm
ibm
almalinux
almalinux
Moderate: libxslt security update
2020-11-03 12:07:14
redhat
redhat
(RHSA-2020:4005) Moderate: libxslt security update
2020-09-29 07:50:58
(RHSA-2020:4464) Moderate: libxslt security update
2020-11-03 12:07:14
(RHSA-2020:0514) Important: chromium-browser security update
2020-02-17 08:02:41
oraclelinux
oraclelinux
libxslt security update
2020-11-10 00:00:00
libxslt security update
2020-10-06 00:00:00
kaspersky
kaspersky
KLA11646 Multiple vulnerabilities in Oracle JRE
2020-01-05 00:00:00
KLA11753 Multiple vulnerabilities in Oracle Java SE
2020-03-16 00:00:00
KLA11526 Multiple vulnerabilities in Apple iTunes
2019-07-23 00:00:00
apple
apple
About the security content of iCloud for Windows 7.13
2019-07-23 00:00:00
About the security content of iCloud for Windows 7.13 - Apple Support
2019-09-11 08:58:07
About the security content of iTunes 12.9.6 for Windows - Apple Support
2019-09-25 04:28:40
archlinux
archlinux
[ASA-202002-3] chromium: multiple issues
2020-02-06 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerabilities
2020-03-06 19:13:58
chrome
chrome
Stable Channel Update for Desktop
2020-02-04 00:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47