In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted xml file, as demonstrated by mxmldoc.
References
Configurations
History
07 Nov 2023, 02:56
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-12-30 18:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-20592
Mitre link : CVE-2018-20592
CVE.ORG link : CVE-2018-20592
JSON object : View
Products Affected
msweet
- mini-xml
fedoraproject
- fedora
CWE
CWE-416
Use After Free