Описание
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.1.29-5ubuntu0.2 |
| devel | DNE | |
| disco | released | 1.1.32-2ubuntu0.2 |
| eoan | released | 1.1.33-0ubuntu1.1 |
| esm-infra-legacy/trusty | released | 1.1.28-2ubuntu0.2+esm1 |
| esm-infra/bionic | released | 1.1.29-5ubuntu0.2 |
| esm-infra/xenial | released | 1.1.28-2.1ubuntu0.3 |
| precise/esm | not-affected | 1.1.26-8ubuntu1.6 |
| trusty | ignored | end of standard support |
| trusty/esm | released | 1.1.28-2ubuntu0.2+esm1 |
Показывать по
EPSS
5.1 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable i ...
EPSS
5.1 Medium
CVSS2
7.5 High
CVSS3