rpm package
suse/libxslt&distro=SUSE Linux Enterprise Software Development Kit 12 SP5
pkg:rpm/suse/libxslt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-30560 | — | < 1.1.28-17.15.1 | 1.1.28-17.15.1 | Aug 3, 2021 | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2019-18197 | Hig | 7.5 | < 1.1.28-17.9.1 | 1.1.28-17.9.1 | Oct 18, 2019 | In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized |
- CVE-2021-30560Aug 3, 2021affected < 1.1.28-17.15.1fixed 1.1.28-17.15.1
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 1.1.28-17.9.1fixed 1.1.28-17.9.1
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized