CVE-2015-7995

EPSS 1.4%

libxslt - security update

發布日:2015/11/17修改日:2026/4/28

描述

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

受影響套件(3)

Debian/libxsltfrom 0, < 1.1.28-2.1
Debian/libxsltfrom 0, < 1.1.26-14.1+deb7u1
Debian/libxsltfrom 0, < 1.1.28-2+deb8u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-7995