Tinyxml Project Tinyxml vulnerabilities
2 known vulnerabilities affecting tinyxml_project/tinyxml.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2023-34194HIGHCVSS 7.5≤ 2.6.22023-12-13
CVE-2023-34194 [HIGH] CWE-617 CVE-2023-34194: StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.
nvdosv
CVE-2021-42260HIGHCVSS 7.5≥ 2.3.2, ≤ 2.6.2v2.3.0+1 more2021-10-11
CVE-2021-42260 [HIGH] CWE-835 CVE-2021-42260: TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the T
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.
nvdosv