Known Vulnerabilities for Libxslt by Xmlsoft
Listed below are 10 of the newest known vulnerabilities associated with "Libxslt" by "Xmlsoft".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-30560 | Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap co... | 8.8 - HIGH | 2021-08-03 | 2024-03-27 |
| CVE-2019-18197 | In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant... | 7.5 - HIGH | 2019-10-18 | 2020-08-24 |
| CVE-2019-13118 | In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid... | 5.3 - MEDIUM | 2019-07-01 | 2023-11-07 |
| CVE-2019-13117 | In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFor... | 5.3 - MEDIUM | 2019-07-01 | 2023-11-07 |
| CVE-2019-11068 | libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit acc... | 9.8 - CRITICAL | 2019-04-10 | 2023-11-07 |
| CVE-2019-5815 | Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap ... | 7.5 - HIGH | 2019-12-11 | 2023-11-07 |
| CVE-2017-5029 | The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for ... | 8.8 - HIGH | 2017-04-24 | 2023-11-07 |
| CVE-2016-4607 | libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS... | 9.8 - CRITICAL | 2016-07-22 | 2023-11-07 |
| CVE-2016-1684 | numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:numbe... | 7.5 - HIGH | 2016-06-05 | 2023-11-07 |
| CVE-2016-1683 | numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows re... | 7.5 - HIGH | 2016-06-05 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Xmlsoft | Libxslt | 1.1.9 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.8 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.7 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.6 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.5 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.4 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.33 | rc2 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.33 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.33 | rc1 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.32 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.32 | rc1 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.32 | rc2 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.31 | rc2 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.31 | rc1 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.31 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.30 | rc2 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.30 | rc1 | All | All |
| Application | Xmlsoft | Libxslt | 1.1.30 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.3 | All | All | All |
| Application | Xmlsoft | Libxslt | 1.1.29 | rc2 | All | All |