CVE-2021-42859
- EPSS 0.26%
- Veröffentlicht 26.05.2022 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:28:14
A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seei...
CVE-2021-42860
- EPSS 0.28%
- Veröffentlicht 26.05.2022 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:28:14
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specificati...
CVE-2018-20004
- EPSS 0.81%
- Veröffentlicht 10.12.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 04:00:43
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by test...
CVE-2016-4570
- EPSS 0.81%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.
CVE-2016-4571
- EPSS 0.81%
- Veröffentlicht 03.02.2017 15:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file.