Vulnerabilities > Xmlsoft > Libxslt > 1.1.28
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-05 | CVE-2016-1683 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products numbers.c in libxslt before 1.1.29, as used in Google Chrome before 51.0.2704.63, mishandles namespace nodes, which allows remote attackers to cause a denial of service (out-of-bounds heap memory access) or possibly have unspecified other impact via a crafted document. | 7.5 |
2015-11-17 | CVE-2015-7995 | Remote Denial of Service vulnerability in libxslt 'libxslt/preproc.c' Type Confusion The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue. | 5.0 |