公告ID: KYLIN-2019-13117
安全等级: 低级
产品: Kylin V3
发布日期: 2019年6月30日
CVE: CVE-2019-13117
CVSS3评分: 3.3
概述:
This issue affects the versions of libxslt as shipped with Kylin Enterprise Linux 5, 6, 7 and 8. It has been classified with the security impact of 'Low' by the Kylin Product Security Team. 描述:
In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character. 系统版本:
KYLIN 3.3.x
KYLIN 3.4.x
受影响包列表:
libxslt
libxslt