VYPR
High severity7.5NVD Advisory· Published Oct 18, 2019· Updated May 28, 2026

CVE-2019-18197

CVE-2019-18197

Description

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nokogiriRubyGems
< 1.10.51.10.5

Affected products

30

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.