In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
msweet mini-xml 2.12 |
||
fedoraproject fedora 28 |
||
fedoraproject fedora 29 |