First published: Wed Apr 10 2019(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
debian/libxslt | 1.1.34-4+deb11u1 1.1.35-1 1.1.35-1.1 | |
libxslt | <=1.1.33 | |
Ubuntu | =12.04 | |
Ubuntu | =14.04 | |
Ubuntu | =16.04 | |
Ubuntu | =18.04 | |
Ubuntu | =18.10 | |
Debian | =8.0 | |
Fedora | =29 | |
Fedora | =30 | |
Oracle OpenJDK 1.8.0 | =8.0-update_221 | |
NetApp Active IQ Unified Manager for VMware vSphere | ||
NetApp Active IQ Unified Manager | ||
NetApp Cloud Backup | ||
NetApp E-Series SANtricity Management Plug-ins for VMware vCenter | ||
NetApp E-Series SANtricity OS Controller | >=11.0<=11.70.2 | |
NetApp SANtricity Storage Manager | ||
NetApp SANtricity Unified Manager | ||
NetApp E-Series SANtricity Web Services | ||
NetApp Element OS | ||
NetApp SolidFire & HCI Management Node | ||
NetApp OnCommand Insight | ||
NetApp OnCommand Workflow Automation | ||
NetApp Plug-in for Symantec NetBackup | ||
NetApp E-Series SANtricity Unified Manager | ||
NetApp SnapManager for SAP | ||
NetApp SnapManager for Oracle | ||
NetApp SolidFire & HCI Storage Node | ||
NetApp SteelStore Cloud Integrated Storage | ||
SUSE Linux | =15.0 | |
SUSE Linux | =15.1 | |
SUSE Linux | =42.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-11068 is a vulnerability in libxslt through version 1.1.33 that allows bypass of a protection mechanism.
CVE-2019-11068 has a severity rating of 9.8 (critical).
CVE-2019-11068 affects libxslt versions 1.1.32-2.2~deb10u1, 1.1.32-2.2~deb10u2, 1.1.34-4+deb11u1, and 1.1.35-1.
On Debian, the remedy for CVE-2019-11068 is to update libxslt to version 1.1.34-4+deb11u1 or later. On Ubuntu, the remedy depends on the specific version you are using, refer to the relevant security notice for detailed instructions.
You can find more information about CVE-2019-11068 in the CVE entry and the relevant Ubuntu security notices.