Lucene search
K

7 matches found

CVE
CVE
added 2021/08/03 12:0 a.m.407 views

CVE-2021-30560

CVE-2021-30560 is a use-after-free vulnerability in the Blink XSLT component of the Chromium/Google Chrome rendering engine prior to version 91.0.4472.164. The documented impact is potential heap corruption/execution of arbitrary code via a crafted HTML page. Connected advisories consistently ref...

8.8CVSS9AI score0.21623EPSS
CVE
CVE
added 2025/03/14 12:0 a.m.276 views

CVE-2024-55549

CVE-2024-55549 affects libxslt prior to 1.1.43, with a use-after-free in xsltGetInheritedNsList (exclusion of result prefixes). Multiple advisories (e.g., ALAS/AL2, ALSA, Astra Linux, CBL-Mariner) confirm the issue and list libxslt as vulnerable in affected packages before 1.1.43. The connected d...

7.8CVSS7.6AI score0.00324EPSS
CVE
CVE
added 2019/12/11 12:55 a.m.267 views

CVE-2019-5815

CVE-2019-5815 describes a type confusion in libxslt’s xsltNumberFormatGetMultipleLevel causing heap corruption when processing crafted XML data. Connected advisories (Debian DLA, Debian security tracker, Cloud Foundry USN, etc.) confirm libxslt as the affected component and indicate that fixes ex...

7.5CVSS8AI score0.01817EPSS
CVE
CVE
added 2025/03/14 12:0 a.m.234 views

CVE-2025-24855

CVE-2025-24855 affects libxslt, specifically numbers.c, where a use-after-free can occur during nested XPath evaluations if the XPath context node is modified but not restored. The issue is documented as a Use-After-Free in numbers.c and is connected to related code paths xsltNumberFormatGetValue...

7.8CVSS7.6AI score0.00324EPSS
CVE
CVE
added 2016/07/22 1:0 a.m.110 views

CVE-2016-4610

CVE-2016-4610 affects libxslt in multiple Apple platforms: iOS (pre-9.3.3), OS X (pre-10.11.6), iTunes (pre-12.4.2 on Windows), iCloud (pre-5.2.1 on Windows), tvOS (pre-9.2.2), and watchOS (pre-2.2.2). The vulnerability allows remote attackers to cause a denial of service through memory corruptio...

9.8CVSS9.2AI score0.05102EPSS
CVE
CVE
added 2016/07/22 1:0 a.m.108 views

CVE-2016-4609

CVE-2016-4609 affects libxslt across Apple platforms: iOS prior to 9.3.3, OS X prior to 10.11.6, iTunes prior to 12.4.2 on Windows, iCloud prior to 5.2.1 on Windows, tvOS prior to 9.2.2, and watchOS prior to 2.2.2. The vulnerability allows remote attackers to cause a denial of service via memory ...

9.8CVSS9.2AI score0.05146EPSS
CVE
CVE
added 2016/07/22 1:0 a.m.79 views

CVE-2016-4607

CVE-2016-4607 affects libxslt and impacts multiple Apple platforms: iOS before 9.3.3; OS X before 10.11.6; iTunes before 12.4.2 on Windows; iCloud before 5.2.1 on Windows; tvOS before 9.2.2; watchOS before 2.2.2. The issue allows remote attackers to cause memory corruption and potential denial of...

9.8CVSS9.2AI score0.05102EPSS