CVE-2017-2477

Metadata

high
7.5
libxslt
CVE-2017-2477
cve.mitre.org, support.apple.com
2017-04-01
2017-11-16 16:03
CVE-2017-2477 libxslt
2017-10-23 14:17
2017-10-16 20:03
2017-09-13 21:04
2017-08-01 15:04
2017-07-20 21:30
2017-06-16 19:21
2017-06-12 19:03
2017-05-12 16:03
2017-05-10 23:46
2017-04-14 10:20
2017-04-04 02:03

Description

An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "libxslt" component. It allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
artful libxslt None
devel libxslt None
precise/esm libxslt None
trusty libxslt None
xenial libxslt None
zesty libxslt None

Unaffected

Release Package Reason
precise libxslt ignored
vivid/stable-phone-overlay libxslt DNE
vivid/ubuntu-core libxslt DNE
yakkety libxslt ignored

Needs Triage

Release Package Reason
upstream libxslt needs-triage