CVE-2019-13118
medium
CVSS v3
5.3
CVSS v4 NEW
โ
VIR risk
5.3
Description
In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.
Predictions
Exploit likelihood
63%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
Fedora Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| 31 | Affected | โ |
macOS Affected 3 releases
| Version | Status | Fixed in |
|---|---|---|
| 10.13.6 | Affected | โ |
| 10.12.6 | Affected | โ |
| โ | Affected | 12.4 |
SUSE Affected 2 releases
| Version | Status | Fixed in |
|---|---|---|
| 15.1 | Affected | โ |
| โ | Affected | โ |
Ubuntu Affected 6 releases
| Version | Status | Fixed in |
|---|---|---|
| 19.10 | Affected | โ |
| 19.04 | Affected | โ |
| 18.04 | Affected | โ |
| 16.04 | Affected | โ |
| 14.04 | Affected | โ |
| 12.04 | Affected | โ |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 1.1.32-2.1 |
| sid | Fixed | 1.1.32-2.1 |
| forky | Fixed | 1.1.32-2.1 |
| bullseye | Fixed | 1.1.32-2.1 |
| bookworm | Fixed | 1.1.32-2.1 |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| xmlsoft | libxslt | 1.1.33 | |
| netapp | active_iq_unified_manager | - | |
| netapp | cloud_backup | - | |
| netapp | clustered_data_ontap | - | |
| netapp | e-series_performance_analyzer | - | |
| netapp | e-series_santricity_management_plug-ins | - | |
| netapp | e-series_santricity_os_controller | {"startIncluding":"11.0","endIncluding":"11.50.2"} | |
| netapp | e-series_santricity_storage_manager | - | |
| netapp | e-series_santricity_web_services | - | |
| netapp | oncommand_insight | - | |
| netapp | oncommand_workflow_automation | - | |
| netapp | ontap_select_deploy_administration_utility | - | |
| netapp | plug-in_for_symantec_netbackup | - | |
| netapp | santricity_unified_manager | - | |
| netapp | steelstore_cloud_integrated_storage | - | |
| oracle | jdk | 1.8.0 | |
| apple | icloud | {"endExcluding":"7.13"} | 7.13 |
| apple | icloud | {"startIncluding":"10.0","endExcluding":"10.6"} | 10.6 |
| apple | itunes | {"endExcluding":"12.9.6"} | 12.9.6 |
References
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
- https://www.suse.com/security/cve/CVE-2019-13118.html
- https://security-tracker.debian.org/tracker/CVE-2019-13118
- https://nvd.nist.gov/vuln/detail/CVE-2019-13118
- https://github.com/sparklemotion/nokogiri/issues/1943
- https://github.com/sparklemotion/nokogiri/commit/43a175339b47b8c604508813fc75b83f13cd173e
- https://seclists.org/bugtraq/2019/Jul/37
- https://seclists.org/bugtraq/2019/Jul/40
- https://seclists.org/bugtraq/2019/Jul/41
- https://seclists.org/bugtraq/2019/Jul/42
- https://security.netapp.com/advisory/ntap-20190806-0004
- https://security.netapp.com/advisory/ntap-20200122-0003
- https://support.apple.com/kb/HT210346
- https://support.apple.com/kb/HT210348
- https://support.apple.com/kb/HT210351
- https://support.apple.com/kb/HT210353
- https://support.apple.com/kb/HT210356
- https://support.apple.com/kb/HT210357
- https://support.apple.com/kb/HT210358
- https://usn.ubuntu.com/4164-1
- https://www.oracle.com/security-alerts/cpujan2020.html
- https://seclists.org/bugtraq/2019/Jul/36
- https://seclists.org/bugtraq/2019/Jul/35
- https://seclists.org/bugtraq/2019/Aug/25
- https://seclists.org/bugtraq/2019/Aug/23
CWEs
CWE-843
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.