3 matches found
CVE-2018-20592
CVE-2018-20592 affects Mini-XML (mxml) 2.12, with a use-after-free in mxmlAdd in mxml-node.c that can cause denial of service via a crafted XML file (as shown by mxmldoc). Connected sources indicate fixes in newer mxml releases (e.g., Fedora/Mageia advisories referencing updates to v3.0 and relat...
CVE-2018-20005
CVE-2018-20005 affects Mini-XML (mxml) 2.12. The issue is a use-after-free in mxmlWalkNext (mxml-search.c). Connected advisories note updates to fix multiple mxml issues (including CVE-2018-20005) in Mageia/Fedora channels; patches exist but exact patched versions are not specified in the provide...
CVE-2018-20593
CVE-2018-20593 affects Mini-XML (mxml) 2.12, with a stack-based buffer overflow in the scan_file function of mxmldoc.c. Connected advisories confirm the issue across multiple distributions and track a set of related CVEs (CVE-2018-20004, -20005, -20592, -20593), indicating the vulnerability arise...