Your submission was sent successfully! Close

CVE-2016-1841

Published: 20 May 2016

libxslt, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package Release Status
libxslt
Launchpad, Ubuntu, Debian
precise
Released (1.1.26-8ubuntu1.4)
trusty
Released (1.1.28-2ubuntu0.1)
upstream
Released (1.1.29-1)
wily Ignored
(reached end-of-life)
xenial
Released (1.1.28-2.1ubuntu0.1)
yakkety Not vulnerable
(1.1.29-1)
zesty Not vulnerable
(1.1.29-1)
Patches:
upstream: https://git.gnome.org/browse/libxslt/commit/?id=fc1ff481fd01e9a65a921c542fed68d8c965e8a3