Oracle Java JDK CVE-2019-18197 Use After Free Vulnerability

description-logoDescription

In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn\'t reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be disclosed.

affected-products-logoAffected Applications

Java JDK

CVE References

CVE-2019-18197