xmlsoft libxslt
25 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-7424
all versions
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead t
7.5
HIGH
CVE-2025-24855
< 1.1.43
numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modifie
7.8
HIGH
CVE-2024-55549
< 1.1.43
xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.
7.8
HIGH
CVE-2022-29824
<= 1.1.35
In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer ove
6.5
MEDIUM
CVE-2021-30560
< 1.1.35
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corrupt
8.8
HIGH
CVE-2019-5815
< 1.1.33
Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1.1.33 could allow attackers to potentially exploit heap corru
7.5
HIGH
CVE-2019-18197
all versions
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memo
7.5
HIGH
CVE-2019-13118
all versions
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid char
5.3
MEDIUM
CVE-2019-13117
all versions
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatIn
5.3
MEDIUM
CVE-2019-11068
<= 1.1.33
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access e
9.8
CRITICAL
CVE-2017-5029
all versions
The xsltAddTextString function in transform.c in libxslt 1.1.29, as used in Blink in Google Chrome prior to 57.0.2987.98 for Mac,
8.8
HIGH
CVE-2015-9019
<= 1.1.29
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could c
5.3
MEDIUM
CVE-2016-4610
< 1.1.29
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS befo
9.8
CRITICAL
CVE-2016-4609
< 1.1.29
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS befo
9.8
CRITICAL
CVE-2016-4608
<= 1.1.28
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS befo
9.8
CRITICAL
CVE-2016-4607
< 1.1.29
libxslt in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS befo
9.8
CRITICAL
CVE-2016-1684
<= 1.1.28
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles the i format token for xsl:number dat
7.5
HIGH
CVE-2016-1683
<= 1.1.28
numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote
7.5
HIGH
CVE-2015-7995
<= 1.1.28
The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows atta
CVE-2013-4520
<= 1.1.24
xslt.c in libxslt before 1.1.25 allows context-dependent attackers to cause a denial of service (crash) via a stylesheet that embe
CVE-2012-6139
<= 1.1.27
libxslt before 1.1.28 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an (1) empty m
CVE-2012-2870
<= 1.1.26
libxslt 1.1.26 and earlier, as used in Google Chrome before 21.0.1180.89, does not properly manage memory, which might allow remot
CVE-2011-3970
<= 1.1.26
libxslt, as used in Google Chrome before 17.0.963.46, allows remote attackers to cause a denial of service (out-of-bounds read) vi
CVE-2011-1202
<= 1.1.26
The xsltGenerateIdFunction function in functions.c in libxslt 1.1.26 and earlier, as used in Google Chrome before 10.0.648.127 and
CVE-2008-2935
all versions
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCr
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin