Описание
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
A type confusion vulnerability was discovered in the xsltStylePreCompute() function of libxslt. A remote attacker could possibly exploit this flaw to cause an application using libxslt to crash by tricking the application into processing a specially crafted XSLT document.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | libxslt | Will not fix | ||
| Red Hat Enterprise Linux 6 | libxslt | Will not fix | ||
| Red Hat Enterprise Linux 7 | libxslt | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | libxslt | Will not fix | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | libxslt | Will not fix | ||
| Red Hat Enterprise MRG 2 | libxslt | Affected | ||
| Red Hat Gluster Storage 3.1 | libxslt | Will not fix |
Показывать по
Дополнительная информация
Статус:
5 Medium
CVSS2
Связанные уязвимости
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does n ...
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.
5 Medium
CVSS2