Debian/libxslt — 51 CVEs · VulnScope

pkg:Debian/libxslt

51 total CVEsCRITICAL6HIGH21MEDIUM6LOW1

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2019-11068libxslt - security update
from 0, < 1.1.32-2.1
CRITICAL9.8CVE-2019-11068libxslt - security update
from 0, < 1.1.28-2+deb8u4
CRITICAL9.8CVE-2016-4610libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2,…
from 0, < 1.1.29-1
CRITICAL9.8libxslt - security update
from 0, < 1.1.28-2+deb8u5
CRITICAL9.8libxslt - security update
from 0, < 1.1.29-1
CRITICAL9.8libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2,…
from 0, < 1.1.29-1
HIGH8.8libxslt - security update
from 0, < 1.1.34-4+deb11u1
HIGH8.8libxslt - security update
from 0, < 1.1.34-4+deb11u1
HIGH8.8chromium-browser - security update
from 0, < 1.1.29-2.1
HIGH8.8chromium-browser - security update
from 0, < 1.1.26-14.1+deb7u3
HIGH8.8libxslt - security update
from 0, < 1.1.29-2
HIGH8.8libxslt - security update
from 0, < 1.1.26-14.1+deb7u2
HIGH8.8libxslt - security update
from 0, < 1.1.28-2+deb8u2
HIGH8.8libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to ex…
from 0, < 1.1.29-1
HIGH7.8libxml2 - security update
from 0
HIGH7.8numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but nev…
from 0, < 1.1.34-4+deb11u2
HIGH7.8libxslt - security update
from 0, < 1.1.34-4+deb11u2
HIGH7.8libxslt - security update
from 0, < 1.1.34-4+deb11u2
HIGH7.8libxslt - security update
from 0, < 1.1.35-1+deb12u1
HIGH7.5Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes
from 0, < 1.1.34-4+deb11u3
HIGH7.5libxslt - security update
from 0, < 1.1.34-2
HIGH7.5libxslt - security update
from 0, < 1.1.32-2.2~deb10u2
HIGH7.5libxslt - security update
from 0, < 1.1.32-2.2
HIGH7.5libxslt - security update
from 0, < 1.1.28-2+deb8u6
HIGH7.5libxslt Type Confusion vulnerability that affects Nokogiri
from 0, < 1.1.32-2.1
HIGH7.5numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number data, which…
from 0, < 1.1.29-1
HIGH7.5numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers…
from 0, < 1.1.29-1
MEDIUM6.5libxslt - security update
from 0, < 1.1.35-1+deb12u2
MEDIUM6.5libxslt - security update
from 0, < 1.1.34-4+deb11u3
MEDIUM6.5libxslt - security update
from 0, < 1.1.34-4+deb11u3
MEDIUM5.5Libxslt: use-after-free with key data stored cross-rvt
from 0
MEDIUM5.3Uninitialized read in Nokogiri gem
from 0, < 1.1.32-2.1
MEDIUM5.3In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usag…
from 0
LOW3.1A flaw was found in the exsltFuncResultComp() function of libxslt, which handles EXSLT <func:result> elements during stylesheet parsing.
from 0
—libxslt - security update
from 0, < 1.1.28-2+deb8u1
—libxslt - security update
from 0, < 1.1.26-14.1+deb7u1
—libxslt - security update
from 0, < 1.1.28-2.1
—libxslt - denial of service
from 0, < 1.1.26-6+squeeze3
—libxslt - denial of service
from 0, < 1.1.26-14.1
—Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or…
from 0, < 1.1.26-14
—libxml2 2.9.0-rc1 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly support a cast of an unspecified variable du…
from 0, < 1.1.26-14
—libxslt - several
from 0, < 1.1.26-14
—libxslt - several
from 0, < 1.1.26-6+squeeze2
—The XSL implementation in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service (incorrect read operation)…
from 0, < 1.1.26-13
—libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) via unspeci…
from 0, < 1.1.26-11
—The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and other pr…
from 0, < 1.1.26-7
—libxslt - arbitrary code execution
from 0, < 1.1.19-3
—libxslt - arbitrary code execution
from 0, < 1.1.24-1+lenny1
—libxslt - arbitrary code execution
from 0, < 1.1.24-2
—libxslt - arbitrary code execution
from 0, < 1.1.19-2
—libxslt - arbitrary code execution
from 0, < 1.1.24-1