Latest ezxml project ezxml Vulnerabilities

CVE-2022-30045
Ezxml Project Ezxml=0.8.6
CVE-2021-31598
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.
Ezxml Project Ezxml=0.8.6
Debian Debian Linux=9.0
CVE-2021-31348
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn fail...
Ezxml Project Ezxml=0.8.6
Debian Debian Linux=9.0
CVE-2021-31347
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap...
Ezxml Project Ezxml=0.8.6
Debian Debian Linux=9.0
CVE-2021-31229
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a o...
Ezxml Project Ezxml=0.8.6
Debian Debian Linux=9.0
CVE-2021-30485
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference whi...
Ezxml Project Ezxml=0.8.6
Debian Debian Linux=9.0
CVE-2021-26222
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
Ezxml Project Ezxml<=0.8.6
CVE-2021-26221
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
Ezxml Project Ezxml<=0.8.6
CVE-2021-26220
The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
Ezxml Project Ezxml<=0.8.6
CVE-2019-20202
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault.
Ezxml Project Ezxml>=0.8.3<=0.8.6
CVE-2019-20201
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur.
Ezxml Project Ezxml>=0.8.3<=0.8.6
CVE-2019-20198
Ezxml Project Ezxml>=0.8.3<=0.8.6
CVE-2019-20199
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running...
Ezxml Project Ezxml>=0.8.3<=0.8.6
CVE-2019-20005
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while ru...
Ezxml Project Ezxml>=0.8.3<=0.8.6
CVE-2019-20006
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), lead...
Ezxml Project Ezxml>=0.8.3<=0.8.6
CVE-2019-20007
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (...
Ezxml Project Ezxml>=0.8.2<=0.8.6

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203