NotCVE - vendor:"Mini-xml Project"

5 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-42860

https://notcve.org/view.php?id=CVE-2021-42860

26 May 2022 — A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification ** EN DISPUTA ** Se presenta un desbordamiento del buffer de pila en Mini-XML v3.2. Cuando es introducida una cadena XML no formada en la API mxmlLoadString, es causado un desbordamiento del búfer de pila en mxml_string_getc:2611. NOTA: no está claro si esta ... • https://github.com/michaelrsweet/mxml/issues/286 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-42859

https://notcve.org/view.php?id=CVE-2021-42859

26 May 2022 — A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release ** EN DISPUTA ** Se ha detectado un problema de pérdida de memoria en Mini-XML versión v3.2, que podría causar una denegación de servicio. NOTA: los informes de las pruebas son inconsistentes, ya que algunos probadores ven el prob... • https://github.com/michaelrsweet/mxml/issues/286 • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 2

CVE-2018-20004

https://notcve.org/view.php?id=CVE-2018-20004

10 Dec 2018 — An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '' substring, as demonstrated by testmxml. Se ha encontrado un problema en Mini-XML (también conocido como mxml) 2.12. Se trata de un desbordamiento de búfer basado en pila en mxml_write_node en mxml-file.c mediante vectores relacionados con un número de punto flotante con doble precisión y la subc... • https://github.com/fouzhe/security/tree/master/mxml#stack-buffer-overflow-in-function-mxml_write_node • CWE-787: Out-of-bounds Write •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-4570

https://notcve.org/view.php?id=CVE-2016-4570

03 Feb 2017 — The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. La función mxmlDelete en mxml-node.c en mxml 2.9, 2.7 y posiblemente versiones anteriores permite a atacantes remotos provocar una denegación de servicio (consumo de pila) a través de un archivo xml manipulado. • http://www.openwall.com/lists/oss-security/2016/05/09/16 • CWE-400: Uncontrolled Resource Consumption •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

CVE-2016-4571

https://notcve.org/view.php?id=CVE-2016-4571

03 Feb 2017 — The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. La función mxml_write_node en mxml-file.c en mxml 2.9, 2.7 y posiblemente versiones anteriores permite a atacantes remotos provocar una denegación de servicio (consumo de pila) a través de un archivo xml manipulado. • http://www.openwall.com/lists/oss-security/2016/05/09/16 • CWE-400: Uncontrolled Resource Consumption •