CVE-2021-42859

Exploit

EPSS 0.26%
Veröffentlicht 26.05.2022 12:15:07
Zuletzt bearbeitet 21.11.2024 06:28:14
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mini-xml Project ≫ Mini-xml Version3.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.26%	0.491

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-772 Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

https://github.com/michaelrsweet/mxml/issues/286

Third Party Advisory

Exploit

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2021-42859

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-42859

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-42859

EUVD