Описание
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT func:result elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to exploit, the flaw could lead to application instability or denial of service.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.1.43-0.3 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | needs-triage | |
| esm-infra/xenial | needs-triage | |
| jammy | needs-triage | |
| noble | needs-triage | |
| plucky | ignored | end of life, was needs-triage |
| questing | needs-triage | |
| upstream | released | 1.1.44 |
Показывать по
EPSS
3.1 Low
CVSS3
Связанные уязвимости
A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads and potential crashes. While difficult to exploit, the flaw could lead to application instability or denial of service.
Libxslt: type confusion in exsltfuncresultcompfunction of libxslt
A flaw was found in the exsltFuncResultComp() function of libxslt, whi ...
EPSS
3.1 Low
CVSS3