5 matches found
Astra Linux – Vulnerability in netcdf
A issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmldecode performs incorrect memory handling during the parsing of crafted XML files, resulting in a heap-based buffer overflow...
PT-2024-25854 · Libxmljs2 · Libxmljs2
Name of the Vulnerable Software and Affected Versions: libxmljs2 affected versions not specified Description: The issue is related to a type confusion vulnerability that occurs when parsing a specially crafted XML. This happens while invoking a function on the result of attrs that was called on a...
SUSE CVE-2019-20005
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr starting with a pointer after a '\0' character where the processing of a string was...
Denial of Service (DoS)
Overview nokogiri is a gem for parsing HTML, XML, SAX, and Reader. Affected versions of this package are vulnerable to Denial of Service DoS via the xerces:xercesImpldependency, as its XML parser consumes excessive amount of resources when handling specially crafted XML document payloads due to a...
UBUNTU-CVE-2021-31229
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxmlinternaldtd performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant...