20 matches found
Advisory ROSA-SA-2024-2546
software: tinyxml 2.6.2 OS: ROSA-CHROME packageevrstring: tinyxml-2.6.2-8 CVE-ID: CVE-2021-42260 BDU-ID: 2022-06895 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the TiXmlParsingData::Stamp function of the tinyxmlParser.cpp component of the TinyXML XML parser is related to the execution of a loop...
Fedora 40 : tinyxml (2024-763ac380b6)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-763ac380b6 advisory. Automatic update for tinyxml-2.6.2-28.fc40. Changelog Wed Jan 3 2024 Dominik Mierzejewski - 2.6.2-28 - apply Debian patch to fix CVE-2021-42260...
Fedora 38 : tinyxml (2024-c9dc0ac419)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c9dc0ac419 advisory. Bugfix release. Includes security fixes for CVE-2021-42260 and CVE-2023-34194 and a fix for incorrect text element encoding upstream isssue 51...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : TinyXML vulnerability (USN-6542-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6542-1 advisory. Wang Zhong discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a...
Debian dla-3130 : libtinyxml-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3130 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3130-1 [email protected] https://www.debian.org/lts/security/...
Debian: Security Advisory (DLA-3130-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3130-1] tinyxml security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3130-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 01, 2022 https://wiki.debian.org/LTS -...
Debian: Security Advisory (DLA-2988-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2022-1521 tinyxml security update
TinyXML parses an XML document, and builds from that a Document Object Model DOM that can be read, modified, and saved. XML is a very structured and convenient format. All those random file formats created to store application data can all be replaced with XML. One parser for everything. Security...
MGASA-2021-0514 Updated tinyxml packages fix security vulnerability
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXMLUTFLEAD0 case. It can be triggered by a crafted XML message and leads to a denial of service. CVE-2021-42260...
openSUSE 15 Security Update : tinyxml (openSUSE-SU-2021:1474-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1474-1 advisory. - TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXMLUTFLEAD0 case. It can be triggered by a...
openSUSE: Security Advisory for tinyxml (openSUSE-SU-2021:1474-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:1474-1 Security update for tinyxml
This update for tinyxml fixes the following issues: - CVE-2021-42260: Fixed an infinite loop for inputs containing the sequence 0xEF0x00 bsc1191576 This update was imported from the SUSE:SLE-15:Update update project...
Security update for tinyxml (low)
openSUSE Security Update: Security update for tinyxml Announcement ID: openSUSE-SU-2021:1474-1 Rating: low References: 1191576 Cross-References: CVE-2021-42260 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tinyxml fixes...
openSUSE 15 Security Update : tinyxml (openSUSE-SU-2021:3639-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:3639-1 advisory. - TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXMLUTFLEAD0 case. It can be triggered by a...
OPENSUSE-SU-2021:3639-1 Security update for tinyxml
This update for tinyxml fixes the following issues: - CVE-2021-42260: Fixed an infinite loop for inputs containing the sequence 0xEF0x00 bsc1191576...
CVE-2021-42260
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXMLUTFLEAD0 case. It can be triggered by a crafted XML message and leads to a denial of service...
CVE-2021-42260 vulnerabilities
Vulnerabilities for packages: tinyxml...
CVE-2021-42260 vulnerabilities
Vulnerabilities for packages: tinyxml...
CVE-2021-42260
CVE-2021-42260 affects TinyXML up to version 2.6.2. A crafted XML message can trigger an infinite loop in TiXmlParsingData::Stamp() inside tinyxmlparser.cpp when processing the TIXML_UTF_LEAD_0 case, causing a denial of service. Connected advisories confirm the issue and note mitigating fixes are...