First published: Tue Dec 31 2019(Updated: )
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ezxml Project Ezxml | >=0.8.3<=0.8.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-20202.
The severity level of CVE-2019-20202 is medium (6.5).
Versions 0.8.3 through 0.8.6 of ezXML are affected by CVE-2019-20202.
The CWE ID associated with CVE-2019-20202 is CWE-763.
To fix CVE-2019-20202, update ezXML to a version higher than 0.8.6.