CVE-2016-4571

CVE-2016-4571 affects the mxml library. The vulnerability is in the function mxml_write_node (file mxml-file.c) and can allow remote attackers to cause a denial of service via crafted XML, affecting versions 2.9, 2.7 and possibly earlier. Several advisories document fixes: Debian/DLA-1641-1 notes...

CVE-2018-20004

CVE-2018-20004 affects Mini-XML (mxml) 2.12. It describes a stack-based buffer overflow in mxml_write_node (mxml-file.c) triggered via vectors involving a double-precision number and the substring . The issue is documented across multiple advisories (e.g., Mageia MGASA-2019-0159 and Fedora update...

CVE-2016-4570

CVE-2016-4570 affects the mxml library (mxml 2.9, 2.7, and earlier) via the mxmlDelete function in mxml-node.c, allowing denial of service (stack exhaustion) when processing crafted XML files. Connected advisories confirm this vulnerability and show patched packages in multiple distros: Debian (D...

CVE-2021-42859

Mini-XML v3.2 contains a memory leak that could lead to a denial of service. Several sources (CNVD-2022-68515, SUSE CVE-2021-42859, OSV, NVD) describe the issue as a memory leak with inconsistent testing results across 3.2 and Oct 2021 development code; one CNVD entry notes the leak stems from in...

CVE-2021-42860

CVE-2021-42860 describes a stack-overflow in Mini-XML 3.2 when passing an unformed XML string to mxmlLoadString, triggering a stack-buffer-overflow in mxml_string_getc:2611. The vulnerability is documented across multiple sources (SUSE, OSV, NVD, etc.) with the same core flaw. The input’s legalit...