7 matches found
CVE-2021-30560
CVE-2021-30560 is a use-after-free vulnerability in the Blink XSLT component of the Chromium/Google Chrome rendering engine prior to version 91.0.4472.164. The documented impact is potential heap corruption/execution of arbitrary code via a crafted HTML page. Connected advisories consistently ref...
CVE-2024-55549
CVE-2024-55549 affects libxslt prior to 1.1.43, with a use-after-free in xsltGetInheritedNsList (exclusion of result prefixes). Multiple advisories (e.g., ALAS/AL2, ALSA, Astra Linux, CBL-Mariner) confirm the issue and list libxslt as vulnerable in affected packages before 1.1.43. The connected d...
CVE-2019-5815
CVE-2019-5815 describes a type confusion in libxslt’s xsltNumberFormatGetMultipleLevel causing heap corruption when processing crafted XML data. Connected advisories (Debian DLA, Debian security tracker, Cloud Foundry USN, etc.) confirm libxslt as the affected component and indicate that fixes ex...
CVE-2025-24855
CVE-2025-24855 affects libxslt, specifically numbers.c, where a use-after-free can occur during nested XPath evaluations if the XPath context node is modified but not restored. The issue is documented as a Use-After-Free in numbers.c and is connected to related code paths xsltNumberFormatGetValue...
CVE-2016-4610
CVE-2016-4610 affects libxslt in multiple Apple platforms: iOS (pre-9.3.3), OS X (pre-10.11.6), iTunes (pre-12.4.2 on Windows), iCloud (pre-5.2.1 on Windows), tvOS (pre-9.2.2), and watchOS (pre-2.2.2). The vulnerability allows remote attackers to cause a denial of service through memory corruptio...
CVE-2016-4609
CVE-2016-4609 affects libxslt across Apple platforms: iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2. The vulnerability allows remote attackers to cause a denial of service via memory ...
CVE-2016-4607
CVE-2016-4607 affects libxslt and impacts multiple Apple platforms: iOS before 9.3.3; OS X before 10.11.6; iTunes before 12.4.2 on Windows; iCloud before 5.2.1 on Windows; tvOS before 9.2.2; watchOS before 2.2.2. The issue allows remote attackers to cause memory corruption and potential denial of...