CVEs referencing
https://github.com/michaelrsweet/mxml/issues/237

Copy

CVE-2018-20592

In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.

Max Base Score

5.5

Published

2018-12-30

Updated

2019-04-03

EPSS

0.88%

CVE-2018-20593

In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.

Max Base Score

5.5

Published

2018-12-30

Updated

2020-08-24

EPSS

0.17%

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!