9.7 High
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.5%
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2
github.com/leethomason/tinyxml2/issues/675
github.com/leethomason/tinyxml2/issues/675#issuecomment-439933437
github.com/leethomason/tinyxml2/issues/675#issuecomment-462194018