libxslt: dangling pointer in xsltCopyText (CVE-2019-18197)ID: oval:org.secpod.oval:def:1801608 | Date: (C)2019-11-27 (M)2023-11-27 |
Class: PATCH | Family: unix |
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn"t reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
Platform: |
Alpine Linux 3.10 |
Alpine Linux 3.8 |
Alpine Linux 3.9 |
Alpine Linux 3.7 |