Security Advisory Description
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. (CVE-2019-11068)
Impact
BIG-IP
This vulnerability allows an unauthenticated attacker with network access to cause a partial denial-of-service (DoS) on reporting and statistics generation by sending crafted requests. The attacker must gather knowledge about the environment in which the vulnerable component exists.
Traffix SDC
An authenticated remote attacker with access to the Traffix SOAP API may be able to bypass controls on writing configuration files.