CVE-2019-11068

Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11068.json

Aliases

Published

2019-04-10T20:29:00Z

Modified

2023-03-24T21:51:40.868123Z

Details

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

References

Affected packages

Alpine:v3.10 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r3

1.1.31-r3

1.1.32-r3

Alpine:v3.11 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.12 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.13 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.14 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.15 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.16 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.17 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r0

1.1.31-r0

1.1.32-r0

1.1.33-r0

Alpine:v3.6 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.29-r4

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r2

Alpine:v3.7 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.31-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r3

Alpine:v3.8 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r3

1.1.31-r3

1.1.32-r3

Alpine:v3.9 / libxslt

libxslt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0

Fixed

1.1.33-r1

Affected versions

1.*

1.1.24-r0

1.1.24-r1

1.1.26-r0

1.1.26-r1

1.1.26-r2

1.1.26-r3

1.1.26-r4

1.1.26-r5

1.1.26-r6

1.1.26-r7

1.1.26-r8

1.1.26-r9

1.1.27-r0

1.1.27-r1

1.1.28-r0

1.1.28-r1

1.1.28-r2

1.1.29-r0

1.1.29-r1

1.1.29-r2

1.1.29-r3

1.1.30-r3

1.1.31-r3

1.1.32-r3