VYPR
Medium severity5.3NVD Advisory· Published Jul 1, 2019· Updated May 28, 2026

CVE-2019-13117

CVE-2019-13117

Description

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nokogiriRubyGems
< 1.10.51.10.5

Affected products

342

Patches

Vulnerability mechanics

References

24

News mentions

0

No linked articles in our index yet.