Vulnerability-Lookup

BDU:2020-00861

Vulnerability from fstec - Published: 02.01.2019

Title

Уязвимость функции xsltNumberFormatDecimal библиотеки libxslt, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Description

Уязвимость функции xsltNumberFormatDecimal библиотеки libxslt существует из-за недостаточной проверки входных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vendor

ООО «РусБИТех-Астра», Canonical Ltd., Сообщество свободного программного обеспечения, Novell Inc., Apple Inc., Fedora Project, Oracle Corp., Daniel Veillard, АО «ИВК», АО «Концерн ВНИИНС»

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Ubuntu, Debian GNU/Linux, Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Software Development Kit, Suse Linux Enterprise Server, SUSE CaaS Platform, MacOS, Fedora, SUSE Linux Enterprise High Performance Computing, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), Java SE, iOS, tvOS, watchOS, iTunes, iCloud, libxslt, Альт 8 СП (запись в едином реестре российских программ №4305), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

1.5 «Смоленск» (Astra Linux Special Edition), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 12 SP4 (Suse Linux Enterprise Desktop), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Software Development Kit), 12 SP4 (Suse Linux Enterprise Server), 12.04 ESM (Ubuntu), 19.04 (Ubuntu), 3.0 (SUSE CaaS Platform), 14.04 ESM (Ubuntu), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Software Development Kit), 8 (Debian GNU/Linux), Mojave 10.14.5 (MacOS), 10 (Debian GNU/Linux), 31 (Fedora), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 8u231 (Java SE), до 12.4 (iOS), Mojave до 10.14.6 (MacOS), до 12.4 (tvOS), до 5.3 (watchOS), до 12.9.6 (iTunes), до 7.13 (iCloud), от 10.0 до 10.6 (iCloud), 1.1.33 (libxslt), - (Альт 8 СП), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для libxslt: https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b Для Ubuntu: https://usn.ubuntu.com/4164-1/ Для программных продуктов Oracle Corp.: https://www.oracle.com/security-alerts/cpujan2020.html Для продуктов Apple: https://support.apple.com/ru-ru/HT210358 https://support.apple.com/ru-ru/HT210357 https://support.apple.com/ru-ru/HT210356 https://support.apple.com/ru-ru/HT210353 https://support.apple.com/ru-ru/HT210351 https://support.apple.com/ru-ru/HT210348 https://support.apple.com/ru-ru/HT210346 Для Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/ Для Debian: https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2019-13118/ Для Astra Linux: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81 https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 Для ОС ОН «Стрелец»: Обновление программного обеспечения libxslt до версии 1.1.29-2.1+deb9u2 Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства

Reference

https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b https://usn.ubuntu.com/4164-1/ https://www.oracle.com/security-alerts/cpujan2020.html https://support.apple.com/ru-ru/HT210358 https://support.apple.com/ru-ru/HT210357 https://support.apple.com/ru-ru/HT210356 https://support.apple.com/ru-ru/HT210353 https://support.apple.com/ru-ru/HT210351 https://support.apple.com/ru-ru/HT210348 https://support.apple.com/ru-ru/HT210346 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/ https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html https://www.suse.com/security/cve/CVE-2019-13118/ https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81 https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://altsp.su/obnovleniya-bezopasnosti/

CWE

CWE-20

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Novell Inc., Apple Inc., Fedora Project, Oracle Corp., Daniel Veillard, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 16.04 LTS (Ubuntu), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 12 SP4 (Suse Linux Enterprise Desktop), 12 SP4 (SUSE Linux Enterprise Server for SAP Applications), 12 SP4 (SUSE Linux Enterprise Software Development Kit), 12 SP4 (Suse Linux Enterprise Server), 12.04 ESM (Ubuntu), 19.04 (Ubuntu), 3.0 (SUSE CaaS Platform), 14.04 ESM (Ubuntu), 12 SP5 (Suse Linux Enterprise Server), 12 SP5 (SUSE Linux Enterprise Software Development Kit), 8 (Debian GNU/Linux), Mojave 10.14.5 (MacOS), 10 (Debian GNU/Linux), 31 (Fedora), 12 SP5 (SUSE Linux Enterprise High Performance Computing), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 8u231 (Java SE), \u0434\u043e 12.4 (iOS), Mojave \u0434\u043e 10.14.6 (MacOS), \u0434\u043e 12.4 (tvOS), \u0434\u043e 5.3 (watchOS), \u0434\u043e 12.9.6 (iTunes), \u0434\u043e 7.13 (iCloud), \u043e\u0442 10.0 \u0434\u043e 10.6 (iCloud), 1.1.33 (libxslt), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f libxslt:\nhttps://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/4164-1/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Oracle Corp.:\nhttps://www.oracle.com/security-alerts/cpujan2020.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Apple:\nhttps://support.apple.com/ru-ru/HT210358\nhttps://support.apple.com/ru-ru/HT210357\nhttps://support.apple.com/ru-ru/HT210356\nhttps://support.apple.com/ru-ru/HT210353\nhttps://support.apple.com/ru-ru/HT210351\nhttps://support.apple.com/ru-ru/HT210348\nhttps://support.apple.com/ru-ru/HT210346\n\n\u0414\u043b\u044f Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/\n\n\u0414\u043b\u044f Debian:\nhttps://lists.debian.org/debian-lts-announce/2019/07/msg00020.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2019-13118/\n\n\u0414\u043b\u044f Astra Linux: \nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f libxslt \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.1.29-2.1+deb9u2\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.01.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.03.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00861",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-13118",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Ubuntu, Debian GNU/Linux, Suse Linux Enterprise Desktop, SUSE Linux Enterprise Server for SAP Applications, SUSE Linux Enterprise Software Development Kit, Suse Linux Enterprise Server, SUSE CaaS Platform, MacOS, Fedora, SUSE Linux Enterprise High Performance Computing, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Java SE, iOS, tvOS, watchOS, iTunes, iCloud, libxslt, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Canonical Ltd. Ubuntu 16.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. Suse Linux Enterprise Desktop 12 SP4 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Novell Inc. Suse Linux Enterprise Server 12 SP4 , Canonical Ltd. Ubuntu 12.04 ESM , Canonical Ltd. Ubuntu 19.04 , Canonical Ltd. Ubuntu 14.04 ESM , Novell Inc. Suse Linux Enterprise Server 12 SP5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , Apple Inc. MacOS Mojave 10.14.5 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Fedora Project Fedora 31 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Apple Inc. iOS \u0434\u043e 12.4 , Apple Inc. MacOS Mojave \u0434\u043e 10.14.6 , Apple Inc. tvOS \u0434\u043e 12.4 , Apple Inc. watchOS \u0434\u043e 5.3 , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 xsltNumberFormatDecimal \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libxslt, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u0430\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-20)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 xsltNumberFormatDecimal \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 libxslt \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b\nhttps://usn.ubuntu.com/4164-1/\nhttps://www.oracle.com/security-alerts/cpujan2020.html\nhttps://support.apple.com/ru-ru/HT210358\nhttps://support.apple.com/ru-ru/HT210357\nhttps://support.apple.com/ru-ru/HT210356\nhttps://support.apple.com/ru-ru/HT210353\nhttps://support.apple.com/ru-ru/HT210351\nhttps://support.apple.com/ru-ru/HT210348\nhttps://support.apple.com/ru-ru/HT210346\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/\nhttps://lists.debian.org/debian-lts-announce/2019/07/msg00020.html\nhttps://www.suse.com/security/cve/CVE-2019-13118/\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u041c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0439 \u043a\u043e\u0434",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-20",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CVE-2019-13118 (GCVE-0-2019-13118)

Vulnerability from cvelistv5 – Published: 2019-07-01 01:27 – Updated: 2024-08-04 23:41

Summary

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://gitlab.gnome.org/GNOME/libxslt/commit/6ce…	x_refsource_MISC
	https://oss-fuzz.com/testcase-detail/5197371471822848	x_refsource_MISC
	https://bugs.chromium.org/p/oss-fuzz/issues/detai…	x_refsource_MISC
	https://support.apple.com/kb/HT210348	x_refsource_CONFIRM
	https://support.apple.com/kb/HT210353	x_refsource_CONFIRM
	https://support.apple.com/kb/HT210351	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
	https://support.apple.com/kb/HT210346	x_refsource_CONFIRM
	https://seclists.org/bugtraq/2019/Jul/35	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Jul/37	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Jul/36	mailing-listx_refsource_BUGTRAQ
	http://seclists.org/fulldisclosure/2019/Jul/24	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Jul/23	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Jul/22	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Jul/26	mailing-listx_refsource_FULLDISC
	https://support.apple.com/kb/HT210356	x_refsource_CONFIRM
	https://support.apple.com/kb/HT210357	x_refsource_CONFIRM
	https://support.apple.com/kb/HT210358	x_refsource_CONFIRM
	https://seclists.org/bugtraq/2019/Jul/42	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Jul/40	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Jul/41	mailing-listx_refsource_BUGTRAQ
	http://seclists.org/fulldisclosure/2019/Jul/31	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Jul/37	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Jul/38	mailing-listx_refsource_FULLDISC
	https://security.netapp.com/advisory/ntap-2019080…	x_refsource_CONFIRM
	https://seclists.org/bugtraq/2019/Aug/25	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Aug/22	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Aug/23	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Aug/21	mailing-listx_refsource_BUGTRAQ
	http://seclists.org/fulldisclosure/2019/Aug/14	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Aug/11	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Aug/13	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Aug/15	mailing-listx_refsource_FULLDISC
	https://usn.ubuntu.com/4164-1/	vendor-advisoryx_refsource_UBUNTU
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	http://www.openwall.com/lists/oss-security/2019/11/17/2	mailing-listx_refsource_MLIST
	https://www.oracle.com/security-alerts/cpujan2020.html	x_refsource_MISC
	https://security.netapp.com/advisory/ntap-2020012…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://lists.apache.org/thread.html/rf4c02775860…	mailing-listx_refsource_MLIST
	https://lists.apache.org/thread.html/r58af02e294b…	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.546Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://oss-fuzz.com/testcase-detail/5197371471822848"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210348"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210353"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210351"
          },
          {
            "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210346"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-1 iOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/35"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-5 tvOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/37"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-4 watchOS 5.3",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/36"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-4 watchOS 5.3",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/24"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-1 iOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/23"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/22"
          },
          {
            "name": "20190723 APPLE-SA-2019-7-22-5 tvOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/26"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210356"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210357"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210358"
          },
          {
            "name": "20190724 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/42"
          },
          {
            "name": "20190724 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/40"
          },
          {
            "name": "20190724 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/41"
          },
          {
            "name": "20190726 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/31"
          },
          {
            "name": "20190726 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/37"
          },
          {
            "name": "20190726 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Jul/38"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190806-0004/"
          },
          {
            "name": "20190814 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Aug/25"
          },
          {
            "name": "20190814 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Aug/22"
          },
          {
            "name": "20190814 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Aug/23"
          },
          {
            "name": "20190814 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Aug/21"
          },
          {
            "name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Aug/14"
          },
          {
            "name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Aug/11"
          },
          {
            "name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Aug/13"
          },
          {
            "name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Aug/15"
          },
          {
            "name": "USN-4164-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4164-1/"
          },
          {
            "name": "FEDORA-2019-fdf6ec39b4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/"
          },
          {
            "name": "[oss-security] 20191117 Nokogiri security update v1.10.5",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/11/17/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200122-0003/"
          },
          {
            "name": "openSUSE-SU-2020:0731",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"
          },
          {
            "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
          },
          {
            "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-29T14:08:54.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://oss-fuzz.com/testcase-detail/5197371471822848"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210348"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210353"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210351"
        },
        {
          "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210346"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-1 iOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/35"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-5 tvOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/37"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-4 watchOS 5.3",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/36"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-4 watchOS 5.3",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/24"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-1 iOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/23"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/22"
        },
        {
          "name": "20190723 APPLE-SA-2019-7-22-5 tvOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/26"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210356"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210357"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210358"
        },
        {
          "name": "20190724 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/42"
        },
        {
          "name": "20190724 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/40"
        },
        {
          "name": "20190724 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/41"
        },
        {
          "name": "20190726 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/31"
        },
        {
          "name": "20190726 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/37"
        },
        {
          "name": "20190726 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Jul/38"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190806-0004/"
        },
        {
          "name": "20190814 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Aug/25"
        },
        {
          "name": "20190814 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Aug/22"
        },
        {
          "name": "20190814 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Aug/23"
        },
        {
          "name": "20190814 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Aug/21"
        },
        {
          "name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Aug/14"
        },
        {
          "name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Aug/11"
        },
        {
          "name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Aug/13"
        },
        {
          "name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Aug/15"
        },
        {
          "name": "USN-4164-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4164-1/"
        },
        {
          "name": "FEDORA-2019-fdf6ec39b4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/"
        },
        {
          "name": "[oss-security] 20191117 Nokogiri security update v1.10.5",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/11/17/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200122-0003/"
        },
        {
          "name": "openSUSE-SU-2020:0731",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"
        },
        {
          "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
        },
        {
          "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-13118",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b",
              "refsource": "MISC",
              "url": "https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b"
            },
            {
              "name": "https://oss-fuzz.com/testcase-detail/5197371471822848",
              "refsource": "MISC",
              "url": "https://oss-fuzz.com/testcase-detail/5197371471822848"
            },
            {
              "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069"
            },
            {
              "name": "https://support.apple.com/kb/HT210348",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210348"
            },
            {
              "name": "https://support.apple.com/kb/HT210353",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210353"
            },
            {
              "name": "https://support.apple.com/kb/HT210351",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210351"
            },
            {
              "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
            },
            {
              "name": "https://support.apple.com/kb/HT210346",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210346"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-1 iOS 12.4",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/35"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-5 tvOS 12.4",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/37"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-4 watchOS 5.3",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/36"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-4 watchOS 5.3",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/24"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-1 iOS 12.4",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/23"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/22"
            },
            {
              "name": "20190723 APPLE-SA-2019-7-22-5 tvOS 12.4",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/26"
            },
            {
              "name": "https://support.apple.com/kb/HT210356",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210356"
            },
            {
              "name": "https://support.apple.com/kb/HT210357",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210357"
            },
            {
              "name": "https://support.apple.com/kb/HT210358",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210358"
            },
            {
              "name": "20190724 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/42"
            },
            {
              "name": "20190724 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/40"
            },
            {
              "name": "20190724 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/41"
            },
            {
              "name": "20190726 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/31"
            },
            {
              "name": "20190726 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/37"
            },
            {
              "name": "20190726 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Jul/38"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190806-0004/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190806-0004/"
            },
            {
              "name": "20190814 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Aug/25"
            },
            {
              "name": "20190814 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Aug/22"
            },
            {
              "name": "20190814 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Aug/23"
            },
            {
              "name": "20190814 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Aug/21"
            },
            {
              "name": "20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Aug/14"
            },
            {
              "name": "20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Aug/11"
            },
            {
              "name": "20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Aug/13"
            },
            {
              "name": "20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Aug/15"
            },
            {
              "name": "USN-4164-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4164-1/"
            },
            {
              "name": "FEDORA-2019-fdf6ec39b4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/"
            },
            {
              "name": "[oss-security] 20191117 Nokogiri security update v1.10.5",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/11/17/2"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200122-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200122-0003/"
            },
            {
              "name": "openSUSE-SU-2020:0731",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html"
            },
            {
              "name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
            },
            {
              "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13118",
    "datePublished": "2019-07-01T01:27:39.000Z",
    "dateReserved": "2019-06-30T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:41:10.546Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2020-00861

CVE-2019-13118 (GCVE-0-2019-13118)

Tags

Sightings

Nomenclature