Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

mini-xml vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2021-42860
A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a stack-buffer-overflow in mxml_string_getc:2611. NOTE: it is unclear whether this input is allowed by the API specification
Mini-xml Project Mini-xml 3.2
5
CVSSv2
CVE-2021-42859
A memory leak issue exists in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release
Mini-xml Project Mini-xml 3.2
4.3
CVSSv2
CVE-2018-20593
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Msweet Mini-xml 2.12Fedoraproject Fedora 28Fedoraproject Fedora 29
4.3
CVSSv2
CVE-2018-20592
In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12Fedoraproject Fedora 28Fedoraproject Fedora 29
6.8
CVSSv2
CVE-2018-20004
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml...
Mini-xml Project Mini-xml 2.12Debian Debian Linux 8.0Fedoraproject Fedora 28Fedoraproject Fedora 29
4.3
CVSSv2
CVE-2018-20005
An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12Fedoraproject Fedora 28Fedoraproject Fedora 29
7.1
CVSSv2
CVE-2016-4570
The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote malicious users to cause a denial of service (stack consumption) via crafted xml file.
Mini-xml Project Mini-xmlMini-xml Project Mini-xml 2.9Debian Debian Linux 8.0
7.1
CVSSv2
CVE-2016-4571
The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote malicious users to cause a denial of service (stack consumption) via crafted xml file.
Mini-xml Project Mini-xmlMini-xml Project Mini-xml 2.9Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675CVE-2024-3400CVE-2024-23557mass assignmentCVE-2023-1389local file inclusionCVE-2024-32596file uploadCVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook