64 matches found
CVE-2024-50614
TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...
TinyXML2 安全漏洞
TinyXML2 is a C++ based open source XML parser by Lee Thomason, an individual developer. A security vulnerability exists in TinyXML2 10.0.0 and earlier versions, which stems from a reachable assertion against UINTMAX/16 in tinyxml2.cpp XMLUtil::GetCharacterRef, which may cause the application to...
PT-2024-34360 · Tinyxml2 +1 · Tinyxml2 +1
Name of the Vulnerable Software and Affected Versions: TinyXML2 versions prior to 10.0.1 Description: The issue is related to a reachable assertion for UINT MAX/16 in tinyxml2.cpp, specifically in the XMLUtil::GetCharacterRef function. This may lead to an application exit. Recommendations: For...
CVE-2024-50615
TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...
CVE-2024-50615
TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...
CVE-2024-50615
TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...
CVE-2024-50615
Summary: CVE-2024-50615 affects TinyXML-2 up to and including 10.0.0, with a reachable assertion in XMLUtil::GetCharacterRef that may cause an application exit. The connected OSV entries document multiple security updates for tinyxml2 across platforms and note the same root cause (UINT_MAX/digit)...
SUSE CVE-2018-11210
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
CVE-2018-11210
DISPUTED TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
tinyxml2/xmltest: Use-of-uninitialized-value in tinyxml2::StrPair::ParseText
Detailed report: https://oss-fuzz.com/testcase?key=5752728054136832 Project: tinyxml2 Fuzzer: libFuzzertinyxml2xmltest Fuzz target binary: xmltest Job Type: libfuzzermsantinyxml2 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: tinyxml2::StrPair::ParseText...
tinyxml2/xmltest: Use-of-uninitialized-value in tinyxml2::XMLUtil::StringEqual
Project: https://github.com/leethomason/tinyxml2.git Detailed report: https://oss-fuzz.com/testcase?key=5763247731376128 Project: tinyxml2 Fuzzer: libFuzzerxmltest Fuzz target binary: xmltest Job Type: libfuzzermsantinyxml2 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...
Heap-Based Buffer Over-read
TinyXML2 is vulnerable to heap-based buffer over-read. The vulnerability can be triggered when the attacker parses a malicious data to XMLDocument::Parse function...
TinyXML2 'XMLDocument::Parse' function heap buffer overflow vulnerability
TinyXML2 is a C++-based open source XML parser . A heap buffer overflow vulnerability exists in the 'XMLDocument::Parse' function of the libtinyxml2.so file in TinyXML2 version 6.2.0. An attacker can exploit this vulnerability to cause a buffer out-of-bounds read...
UBUNTU-CVE-2018-11210
DISPUTED TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
DEBIAN-CVE-2018-11210
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
Heap overflow
DISPUTED TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
CVE-2018-11210
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
CVE-2018-11210
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
CVE-2018-11210
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...
CVE-2018-11210
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2...