Debian Tinyxml vulnerabilities
2 known vulnerabilities affecting debian/tinyxml.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2023-34194HIGHCVSS 7.5fixed in tinyxml 2.6.2-6+deb12u1 (bookworm)2023
CVE-2023-34194 [HIGH] CVE-2023-34194: tinyxml - StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2...
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.
Scope: local
bookworm: resolved (fixed in 2.6.2-6+deb12u1)
bullseye: resolved (fixed in 2.6.2-4+deb11u2)
forky: resolved (fixed in 2.6.2-6.1)
sid: resolved (fixed in 2.6
debian
CVE-2021-42260HIGHCVSS 7.5fixed in tinyxml 2.6.2-6 (bookworm)2021
CVE-2021-42260 [HIGH] CVE-2021-42260: tinyxml - TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxml...
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
Scope: local
bookworm: resolved (fixed in 2.6.2-6)
bullseye: resolved (fixed in 2.6.2-4+deb11u1)
forky: resolved (fixed in 2.6.2-6)
sid: resolved (fixed in 2.6.2-6)
tr
debian