CVE-2021-42859

Published: May 26, 2022Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release

Affected (1)

Products: Mini Xml Project: Mini Xml

Mini Xml Project

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mini Xml Project Mini Xml	Version 3.2

Related CWEs

Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

References (2)

https://github.com/michaelrsweet/mxml/issues/286

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://github.com/michaelrsweet/mxml/issues/286

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.