debian · CVE-2011-1425

Quick triage

Priority: not yet assigned 公開: Updated: Mon, 13 Jul 2026 06:39:44 GMT

参照: Official debian advisory, NVD, CVE.org · CVE 詳細

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2011-1425 not yet assigned priority: Debian including 1 source packages (xmlsec1), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.

Description:

xslt.c in XML Security Library (aka xmlsec) before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

cvelogic Threat Intelligence