VYPR
Medium severity5.3NVD Advisory· Published Jul 1, 2019· Updated May 28, 2026

CVE-2019-13118

CVE-2019-13118

Description

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nokogiriRubyGems
< 1.10.51.10.5

Affected products

10

Patches

Vulnerability mechanics

References

54

News mentions

0

No linked articles in our index yet.