CVE-2013-2902

Priority
Description
Use-after-free vulnerability in the XSLT ProcessingInstruction
implementation in Blink, as used in Google Chrome before 29.0.1547.57,
allows remote attackers to cause a denial of service or possibly have
unspecified other impact via vectors related to an applyXSLTransform call
involving (1) an HTML document or (2) an xsl:processing-instruction element
that is still in the process of loading.
Assigned-to
chad
Notes
sarnoldAs of 2013-08-21, I don't know if libxslt needs an update or if
this is strictly in chromium-browser.
mdeslaurfix was in chromium, marking libxslt as not-affected
Package
Upstream:released (29.0.1547.57)
Package
Upstream:needs-triage
More Information

Updated: 2020-09-10 02:40:56 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)