QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-13118

Back to search

CVE-2019-13118

Published: Jul 1, 2019

Modified: May 28, 2026

PUBLISHED

Description

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.

VendorProductVersions

n/a

n/a

affected
n/a

References

20190723 APPLE-SA-2019-7-22-1 iOS 12.4
mailing-list
x_refsource_BUGTRAQ
20190723 APPLE-SA-2019-7-22-5 tvOS 12.4
mailing-list
x_refsource_BUGTRAQ
20190723 APPLE-SA-2019-7-22-4 watchOS 5.3
mailing-list
x_refsource_BUGTRAQ
20190723 APPLE-SA-2019-7-22-4 watchOS 5.3
mailing-list
x_refsource_FULLDISC
20190723 APPLE-SA-2019-7-22-1 iOS 12.4
mailing-list
x_refsource_FULLDISC
20190723 APPLE-SA-2019-7-22-5 tvOS 12.4
mailing-list
x_refsource_FULLDISC
USN-4164-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2019-fdf6ec39b4
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2020:0731
vendor-advisory
x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now