Ezxml Project
ezxml_project
17 CVEs • 1 product
Products (1)
Click to collapseToggle
Products (1)
Click to collapse
CVEs (17)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read. |
2Debian Ezxml Project2Debian Linux EzxmlNov 21, 2024 Apr 24, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow. |
2Debian Ezxml Project2Debian Linux EzxmlNov 21, 2024 Apr 16, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure). |
2Debian Ezxml Project2Debian Linux EzxmlNov 21, 2024 Apr 16, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap). |
2Debian Ezxml Project2Debian Linux EzxmlNov 21, 2024 Apr 15, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant. |
2Debian Ezxml Project2Debian Linux EzxmlNov 21, 2024 Apr 11, 2021 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp()...Show more |
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. |
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. |
The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool. |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault. |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur. |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endin...Show more |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen() on a NULL...Show more |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file. |
An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezxml_str2utf8, while parsing a crafted XML file, performs zero-length reallocation in ezxml.c, leading to returning a NULL pointer (in some compilers)....Show more |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentatio...Show more |
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() start...Show more |