Your submission was sent successfully! Close

CVE-2015-7995

Published: 17 November 2015

The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to cause a denial of service via a crafted XML file, related to a "type confusion" issue.

Priority

Low

Status

Package Release Status
libxslt
Launchpad, Ubuntu, Debian
precise
Released (1.1.26-8ubuntu1.4)
trusty
Released (1.1.28-2ubuntu0.1)
upstream
Released (1.1.29)
vivid Ignored
(reached end-of-life)
wily Ignored
(reached end-of-life)
xenial Not vulnerable
(1.1.28-2.1)
yakkety Not vulnerable
(1.1.28-2.1)
zesty Not vulnerable
(1.1.28-2.1)
Patches:
upstream: https://git.gnome.org/browse/libxslt/commit/?id=7ca19df892ca22d9314e95d59ce2abdeff46b617