Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-34194 | 1 Tinyxml Project | 1 Tinyxml | 2024-11-21 | N/A | 7.5 HIGH |
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace. | |||||
CVE-2021-42260 | 2 Debian, Tinyxml Project | 2 Debian Linux, Tinyxml | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service. |