This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Xmlsoft First view 2017-04-05
Product Libxslt Last view 2019-12-11
Version 1.1.29 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:xmlsoft:libxslt

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2019-12-11 CVE-2019-5815

Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corruption via crafted XML data.

9.8 2019-04-10 CVE-2019-11068

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

5.3 2017-04-05 CVE-2015-9019

In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.

CWE : Common Weakness Enumeration

%idName
100% (1) CWE-330 Use of Insufficiently Random Values

Nessus® Vulnerability Scanner

id Description
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0025.nasl - Type: ACT_GATHER_INFO
2017-05-24 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2017-609.nasl - Type: ACT_GATHER_INFO
2017-05-17 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1313-1.nasl - Type: ACT_GATHER_INFO
2017-05-16 Name: The remote SUSE host is missing one or more security updates.
File: suse_SU-2017-1282-1.nasl - Type: ACT_GATHER_INFO