Filtered by vendor Ezxml Project
Subscribe
Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-31598 | 2 Debian, Ezxml Project | 2 Debian Linux, Ezxml | 2022-05-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow. | |||||
| CVE-2021-26220 | 1 Ezxml Project | 1 Ezxml | 2021-02-10 | 5.8 MEDIUM | 8.1 HIGH |
| The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||||
| CVE-2021-26221 | 1 Ezxml Project | 1 Ezxml | 2021-02-10 | 5.8 MEDIUM | 8.1 HIGH |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||||
| CVE-2021-26222 | 1 Ezxml Project | 1 Ezxml | 2021-02-10 | 5.8 MEDIUM | 8.1 HIGH |
| The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. | |||||
| CVE-2019-20006 | 1 Ezxml Project | 1 Ezxml | 2020-01-02 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault. | |||||