High severity7.5NVD Advisory· Published Dec 11, 2019· Updated Jun 17, 2026
CVE-2019-5815
CVE-2019-5815
Description
Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
nokogiriRubyGems | < 1.10.5 | 1.10.5 |
Affected products
7- ghsa-coords6 versionspkg:gem/nokogiripkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2012%20SP3pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015
< 1.10.5+ 5 more
- (no CPE)range: < 1.10.5
- (no CPE)range: < 74.0.3729.108-lp150.209.2
- (no CPE)range: < 75.0.3770.90-bp150.213.3
- (no CPE)range: < 93.0.4577.82-1.1
- (no CPE)range: < 75.0.3770.90-bp150.213.3
- (no CPE)range: < 75.0.3770.90-bp150.213.3
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-vmfx-gcfq-wvm2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2019-5815ghsaADVISORY
- github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2019-5815.ymlghsaWEB
- github.com/sparklemotion/nokogiri/issues/2630ghsaWEB
- gitlab.gnome.org/GNOME/libxslt/commit/08b62c25871b38d5d573515ca8a065b4b8f64f6bnvdWEB
- lists.debian.org/debian-lts-announce/2022/09/msg00010.htmlnvdWEB
- bugs.chromium.org/p/chromium/issues/detailnvd
News mentions
0No linked articles in our index yet.