Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-13118

Published: 01/07/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Libxslt

Vulnerability Summary

It exists that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xmlsoft libxslt 1.1.33

opensuse leap 15.1

netapp cloud backup -

netapp steelstore cloud integrated storage -

netapp oncommand workflow automation -

netapp oncommand insight -

netapp ontap select deploy administration utility -

netapp clustered data ontap -

netapp e-series santricity storage manager -

netapp active iq unified manager -

netapp santricity unified manager -

netapp e-series performance analyzer -

netapp e-series santricity management plug-ins -

netapp plug-in for symantec netbackup -

netapp e-series santricity web services -

netapp e-series santricity os controller

oracle jdk 1.8.0

fedoraproject fedora 31

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

canonical ubuntu linux 14.04

canonical ubuntu linux 19.10

canonical ubuntu linux 16.04

canonical ubuntu linux 12.04

apple tvos

apple iphone os

apple icloud

apple itunes

apple mac os x 10.13.6

apple mac os x 10.12.6

apple macos

Vendor Advisories

Debian CVElist Bug Report Logs: libxslt: CVE-2019-13118
Debian Bug report logs - #931320 libxslt: CVE-2019-13118 Package: src:libxslt; Maintainer for src:libxslt is Debian XML/SGML Group <debian-xml-sgml-pkgs@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 1 Jul 2019 19:27:02 UTC Severity: important Tags: security, upstream Fou ...
Ubuntu Security Notice: libxslt vulnerabilities
Several security issues were fixed in Libxslt ...
Amazon Linux 2: ALAS2-2020-1387
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security) Supported versions that are affected are Java SE: 7u241, 8u231, 1105 and 1301; Java SE Embedded: 8u231 Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded Succe ...
Red Hat: CVE-2019-13118
Impact: Low Public Date: 2019-06-30 CWE: CWE-119 Bugzilla: 1728541: CVE-2019-13118 libxslt: read of uni ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
Multiple vulnerabilities have been found in Hitachi Command Suite, Hitachi Automation Director, Hitachi Configuration Manager, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center CVE-2019-13117, CVE-2019-13118, CVE-2019-16168, CVE-2020-2583, CVE-2020-2585, CVE-2020-2590, CVE-2020-2593, CVE-2020-2601, CVE-2020-2604, CVE-2020-2654, CVE ...

Mailing Lists

Full Disclosure: APPLE-SA-2019-7-23-3 iCloud for Windows 10.6
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2019-7-23-3 iCloud for Windows 106 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Apple Produc ...
Full Disclosure: APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10146, Security Update 2019-004 Hig ...
Full Disclosure: APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 124 <!--X-Subject-Header-End--> <!--X-Head-o ...

References

CWE-843https://oss-fuzz.com/testcase-detail/5197371471822848https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71bhttps://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069https://support.apple.com/kb/HT210346https://lists.debian.org/debian-lts-announce/2019/07/msg00020.htmlhttps://support.apple.com/kb/HT210353https://support.apple.com/kb/HT210348https://support.apple.com/kb/HT210351https://seclists.org/bugtraq/2019/Jul/37https://seclists.org/bugtraq/2019/Jul/36https://seclists.org/bugtraq/2019/Jul/35http://seclists.org/fulldisclosure/2019/Jul/24http://seclists.org/fulldisclosure/2019/Jul/22http://seclists.org/fulldisclosure/2019/Jul/26https://support.apple.com/kb/HT210356http://seclists.org/fulldisclosure/2019/Jul/23https://support.apple.com/kb/HT210357https://support.apple.com/kb/HT210358https://seclists.org/bugtraq/2019/Jul/41https://seclists.org/bugtraq/2019/Jul/42https://seclists.org/bugtraq/2019/Jul/40http://seclists.org/fulldisclosure/2019/Jul/31http://seclists.org/fulldisclosure/2019/Jul/38http://seclists.org/fulldisclosure/2019/Jul/37https://security.netapp.com/advisory/ntap-20190806-0004/https://seclists.org/bugtraq/2019/Aug/25https://seclists.org/bugtraq/2019/Aug/23https://seclists.org/bugtraq/2019/Aug/21https://seclists.org/bugtraq/2019/Aug/22http://seclists.org/fulldisclosure/2019/Aug/14http://seclists.org/fulldisclosure/2019/Aug/13http://seclists.org/fulldisclosure/2019/Aug/11http://seclists.org/fulldisclosure/2019/Aug/15https://usn.ubuntu.com/4164-1/http://www.openwall.com/lists/oss-security/2019/11/17/2https://www.oracle.com/security-alerts/cpujan2020.htmlhttps://security.netapp.com/advisory/ntap-20200122-0003/http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ/https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3Ehttps://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3Ehttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931320https://usn.ubuntu.com/4164-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook