Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

CVE-2019-13118

Published

4 years ago

Last Modified

5 months ago

CVSSv2.0 Severity

Medium

CVSSv3.1 Severity

Medium

Impact Analysis

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data..

CVSSv2.0 Score

Severity: Medium
Base Score: 5/10
Exploit Score: 10/10
Access Vector: Network
Access Complexity: Low
Authentication Required: None
Impact Score: 2.9/10
Confidentiality Impact: Partial
Availability Impact: None
Integrity Impact: None

CVSSv3.1 Score

Severity: Medium
Base Score: 5.3/10
Exploit Score: 3.9/10
Access Vector: Network
Access Complexity: Low
Privileges Required: None
Impact Score: 1.4/10
Confidentiality Impact: Low
Availability Impact: None
Integrity Impact: None
Scope: Unchanged
User Interaction: None

Products Affected

CPE	Affected	Vulnerable	Excluding
cpe:2.3:a:xmlsoft:libxslt:1.1.33:::::::*	Yes	-	-
cpe:2.3:o:opensuse:leap:15.1:::::::*	Yes	-	-
cpe:2.3:a:netapp:cloud_backup:-:::::::*	Yes	-	-
cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::*	Yes	-	-
cpe:2.3:a:netapp:oncommand_workflow_automation:-::::::	Yes	-	-
cpe:2.3:a:netapp:oncommand_insight:-:::::::*	Yes	-	-
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:	Yes	-	-
cpe:2.3:a:netapp:clustered_data_ontap:-:::::::*	Yes	-	-
cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:::*	Yes	-	-
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_	Yes	-	-
cpe:2.3:a:netapp:santricity_unified_manager:-:::::::*	Yes	-	-
cpe:2.3:a:netapp:e-series_performance_analyzer:-::::::	Yes	-	-
cpe:2.3:a:netapp:e-series_santricity_management_plug-ins:-:*	Yes	-	-
cpe:2.3:a:netapp:plug-in_for_symantec_netbackup:-:::::*:	Yes	-	-
cpe:2.3:a:netapp:e-series_santricity_web_services:-:::::	Yes	-	-
cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows	Yes	-	-
cpe:2.3:a:netapp:e-series_santricity_os_controller:::::*	Yes	11.0	-
cpe:2.3:a:oracle:jdk:1.8.0:update231::::::	Yes	-	-
cpe:2.3:o:fedoraproject:fedora:31:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::	Yes	-	-
cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::	Yes	-	-
cpe:2.3:o:apple:tvos::::::::	Yes	-	12.4
cpe:2.3:o:apple:iphone_os::::::::	Yes	-	12.4
cpe:2.3:a:apple:icloud::::::windows::*	Yes	-	7.13
cpe:2.3:a:apple:itunes::::::windows::*	Yes	-	12.9.6
cpe:2.3:a:apple:icloud::::::windows::*	Yes	10.0	10.6
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-003:*:	Yes	-	-
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-002:*:	Yes	-	-
cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:	Yes	-	-
cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-003:*:	Yes	-	-
cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-002:*:	Yes	-	-
cpe:2.3:o:apple:mac_os_x:10.12.6:security_update_2019-001:*:	Yes	-	-
cpe:2.3:o:apple:macos::::::::	Yes	10.4.6	10.14.6

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2019-13118

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

CVE-2019-13118

CVE information

Published

Last Modified

CVSSv2.0 Severity

CVSSv3.1 Severity

Impact Analysis

Share

Description

CVSSv2.0 Score

CVSSv3.1 Score

Products Affected

References