In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-10-18T20:07:17
Updated: 2020-05-28T23:06:08
Reserved: 2019-10-18T00:00:00
Link: CVE-2019-18197
JSON object: View
NVD Information
Status : Modified
Published: 2019-10-18T21:15:10.793
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-18197
JSON object: View
Redhat Information
No data.