Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-13118 | 5.0 |
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
|
10-04-2023 - 15:52 | 01-07-2019 - 02:15 | |
CVE-2019-13117 | 5.0 |
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or
|
06-04-2023 - 19:30 | 01-07-2019 - 02:15 |