Vulnerabilities (CVE)

Filtered by vendor Tinyxml Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-34194 1 Tinyxml Project 1 Tinyxml 2024-11-21 N/A 7.5 HIGH
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.
CVE-2021-42260 2 Debian, Tinyxml Project 2 Debian Linux, Tinyxml 2024-11-21 5.0 MEDIUM 7.5 HIGH
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.