Fluid Attacks Database

Description

xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	libxslt	>=0 <1.1.35-1.2	1.1.35-1.2
alpine v3.18	libxslt	=1.1.24-r0 \|\| =1.1.24-r1 \|\| =1.1.26-r0 \|\| =1.1.26-r1 \|\| =1.1.26-r2 \|\| =1.1.26-r3 \|\| =1.1.26-r4 \|\| =1.1.26-r5 \|\| =1.1.26-r6 \|\| =1.1.26-r7 \|\| =1.1.26-r8 \|\| =1.1.26-r9 \|\| =1.1.27-r0 \|\| =1.1.27-r1 \|\| =1.1.28-r0 \|\| =1.1.28-r1 \|\| =1.1.28-r2 \|\| =1.1.29-r0 \|\| =1.1.29-r1 \|\| =1.1.29-r2 \|\| =1.1.29-r3 \|\| =1.1.30-r0 \|\| =1.1.31-r0 \|\| =1.1.32-r0 \|\| =1.1.33-r0 \|\| =1.1.33-r1 \|\| =1.1.34-r0 \|\| =1.1.34-r1 \|\| =1.1.35-r0 \|\| =1.1.36-r0 \|\| =1.1.37-r0 \|\| =1.1.37-r1 \|\| =1.1.37-r2 \|\| =1.1.37-r3 \|\| =1.1.37-r4 \|\| =1.1.38-r0 \|\| >=0 <1.1.38-r1	1.1.38-r1
alpine v3.19	libxslt	=1.1.24-r0 \|\| =1.1.24-r1 \|\| =1.1.26-r0 \|\| =1.1.26-r1 \|\| =1.1.26-r2 \|\| =1.1.26-r3 \|\| =1.1.26-r4 \|\| =1.1.26-r5 \|\| =1.1.26-r6 \|\| =1.1.26-r7 \|\| =1.1.26-r8 \|\| =1.1.26-r9 \|\| =1.1.27-r0 \|\| =1.1.27-r1 \|\| =1.1.28-r0 \|\| =1.1.28-r1 \|\| =1.1.28-r2 \|\| =1.1.29-r0 \|\| =1.1.29-r1 \|\| =1.1.29-r2 \|\| =1.1.29-r3 \|\| =1.1.30-r0 \|\| =1.1.31-r0 \|\| =1.1.32-r0 \|\| =1.1.33-r0 \|\| =1.1.33-r1 \|\| =1.1.34-r0 \|\| =1.1.34-r1 \|\| =1.1.35-r0 \|\| =1.1.36-r0 \|\| =1.1.37-r0 \|\| =1.1.37-r1 \|\| =1.1.37-r2 \|\| =1.1.37-r3 \|\| =1.1.37-r4 \|\| =1.1.38-r0 \|\| =1.1.38-r1 \|\| =1.1.39-r0 \|\| >=0 <1.1.39-r1	1.1.39-r1
alpine v3.20	libxslt	=1.1.24-r0 \|\| =1.1.24-r1 \|\| =1.1.26-r0 \|\| =1.1.26-r1 \|\| =1.1.26-r2 \|\| =1.1.26-r3 \|\| =1.1.26-r4 \|\| =1.1.26-r5 \|\| =1.1.26-r6 \|\| =1.1.26-r7 \|\| =1.1.26-r8 \|\| =1.1.26-r9 \|\| =1.1.27-r0 \|\| =1.1.27-r1 \|\| =1.1.28-r0 \|\| =1.1.28-r1 \|\| =1.1.28-r2 \|\| =1.1.29-r0 \|\| =1.1.29-r1 \|\| =1.1.29-r2 \|\| =1.1.29-r3 \|\| =1.1.30-r0 \|\| =1.1.31-r0 \|\| =1.1.32-r0 \|\| =1.1.33-r0 \|\| =1.1.33-r1 \|\| =1.1.34-r0 \|\| =1.1.34-r1 \|\| =1.1.35-r0 \|\| =1.1.36-r0 \|\| =1.1.37-r0 \|\| =1.1.37-r1 \|\| =1.1.37-r2 \|\| =1.1.37-r3 \|\| =1.1.37-r4 \|\| =1.1.38-r0 \|\| =1.1.38-r1 \|\| =1.1.39-r0 \|\| =1.1.39-r1 \|\| >=0 <1.1.39-r2	1.1.39-r2
alpine v3.21	libxslt	=1.1.24-r0 \|\| =1.1.24-r1 \|\| =1.1.26-r0 \|\| =1.1.26-r1 \|\| =1.1.26-r2 \|\| =1.1.26-r3 \|\| =1.1.26-r4 \|\| =1.1.26-r5 \|\| =1.1.26-r6 \|\| =1.1.26-r7 \|\| =1.1.26-r8 \|\| =1.1.26-r9 \|\| =1.1.27-r0 \|\| =1.1.27-r1 \|\| =1.1.28-r0 \|\| =1.1.28-r1 \|\| =1.1.28-r2 \|\| =1.1.29-r0 \|\| =1.1.29-r1 \|\| =1.1.29-r2 \|\| =1.1.29-r3 \|\| =1.1.30-r0 \|\| =1.1.31-r0 \|\| =1.1.32-r0 \|\| =1.1.33-r0 \|\| =1.1.33-r1 \|\| =1.1.34-r0 \|\| =1.1.34-r1 \|\| =1.1.35-r0 \|\| =1.1.36-r0 \|\| =1.1.37-r0 \|\| =1.1.37-r1 \|\| =1.1.37-r2 \|\| =1.1.37-r3 \|\| =1.1.37-r4 \|\| =1.1.38-r0 \|\| =1.1.38-r1 \|\| =1.1.39-r0 \|\| =1.1.39-r1 \|\| =1.1.42-r0 \|\| =1.1.42-r1 \|\| >=0 <1.1.42-r2	1.1.42-r2
alpine v3.22	libxslt	=1.1.24-r0 \|\| =1.1.24-r1 \|\| =1.1.26-r0 \|\| =1.1.26-r1 \|\| =1.1.26-r2 \|\| =1.1.26-r3 \|\| =1.1.26-r4 \|\| =1.1.26-r5 \|\| =1.1.26-r6 \|\| =1.1.26-r7 \|\| =1.1.26-r8 \|\| =1.1.26-r9 \|\| =1.1.27-r0 \|\| =1.1.27-r1 \|\| =1.1.28-r0 \|\| =1.1.28-r1 \|\| =1.1.28-r2 \|\| =1.1.29-r0 \|\| =1.1.29-r1 \|\| =1.1.29-r2 \|\| =1.1.29-r3 \|\| =1.1.30-r0 \|\| =1.1.31-r0 \|\| =1.1.32-r0 \|\| =1.1.33-r0 \|\| =1.1.33-r1 \|\| =1.1.34-r0 \|\| =1.1.34-r1 \|\| =1.1.35-r0 \|\| =1.1.36-r0 \|\| =1.1.37-r0 \|\| =1.1.37-r1 \|\| =1.1.37-r2 \|\| =1.1.37-r3 \|\| =1.1.37-r4 \|\| =1.1.38-r0 \|\| =1.1.38-r1 \|\| =1.1.39-r0 \|\| =1.1.39-r1 \|\| =1.1.42-r0 \|\| =1.1.42-r1 \|\| >=0 <1.1.43-r0	1.1.43-r0
debian 11	libxslt	=1.1.34-4 \|\| =1.1.34-4+deb11u1 \|\| >=0 <1.1.34-4+deb11u2	1.1.34-4+deb11u2
debian 12	libxslt	=1.1.35-1 \|\| >=0 <1.1.35-1+deb12u1	1.1.35-1+deb12u1
debian 13	libxslt	>=0 <1.1.35-1.2	1.1.35-1.2
alpine v3.23	libxslt	=1.1.24-r0 \|\| =1.1.24-r1 \|\| =1.1.26-r0 \|\| =1.1.26-r1 \|\| =1.1.26-r2 \|\| =1.1.26-r3 \|\| =1.1.26-r4 \|\| =1.1.26-r5 \|\| =1.1.26-r6 \|\| =1.1.26-r7 \|\| =1.1.26-r8 \|\| =1.1.26-r9 \|\| =1.1.27-r0 \|\| =1.1.27-r1 \|\| =1.1.28-r0 \|\| =1.1.28-r1 \|\| =1.1.28-r2 \|\| =1.1.29-r0 \|\| =1.1.29-r1 \|\| =1.1.29-r2 \|\| =1.1.29-r3 \|\| =1.1.30-r0 \|\| =1.1.31-r0 \|\| =1.1.32-r0 \|\| =1.1.33-r0 \|\| =1.1.33-r1 \|\| =1.1.34-r0 \|\| =1.1.34-r1 \|\| =1.1.35-r0 \|\| =1.1.36-r0 \|\| =1.1.37-r0 \|\| =1.1.37-r1 \|\| =1.1.37-r2 \|\| =1.1.37-r3 \|\| =1.1.37-r4 \|\| =1.1.38-r0 \|\| =1.1.38-r1 \|\| =1.1.39-r0 \|\| =1.1.39-r1 \|\| =1.1.42-r0 \|\| =1.1.42-r1 \|\| >=0 <1.1.43-r0	1.1.43-r0

1-10 of 18

Aliases

1. CVE-2024-555492. NVD-2024-555493. OSV-DEBIAN-2024-555494. OSV-2024-555495. OSV-ALPINE-2024-555496. SECURITY-TRACKER-CVE-2024-555497. SECURITY-CVE-2024-55549

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.