Fluid Attacks Database

Description

Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	libxslt	>=0 <1.1.26-14	1.1.26-14
debian 14	libxslt	>=0 <1.1.26-14	1.1.26-14
debian 11	libxslt	>=0 <1.1.26-14	1.1.26-14
debian 13	libxslt	>=0 <1.1.26-14	1.1.26-14
rpm rhel5	libxslt	<0:1.1.17-4.el5_8.3	0:1.1.17-4.el5_8.3
rpm rhel6	libxslt	<0:1.1.26-2.el6_3.1	0:1.1.26-2.el6_3.1

Aliases

1. CVE-2012-28932. NVD-2012-28933. OSV-DEBIAN-2012-28934. OSV-2012-28935. SECURITY-TRACKER-CVE-2012-2893

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.