- Home
- CVEs with nessus.description==This update for libxslt fixes the following security issues :
- CVE-2017-5029: The xsltAddTextString function in
transform.c lacked a check for integer overflow during a
size calculation, which allowed a remote attacker to
perform an out of bounds memory write via a crafted HTML
page (bsc#1035905).
- CVE-2016-4738: Fix heap overread in
xsltFormatNumberConversion: An empty decimal-separator
could cause a heap overread. This can be exploited to
leak a couple of bytes after the buffer that holds the
pattern string (bsc#1005591).
- CVE-2015-9019: Properly initialize random generator
(bsc#934119).
- CVE-2015-7995: Vulnerability in function
xsltStylePreCompute' in preproc.c could cause a type
confusion leading to DoS. (bsc#952474) This update was
imported from the SUSE:SLE-12:Update update project.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top