Shodan
Vulnerabilities
Vulnerable Software
Ezxml Project:  >> Ezxml  Security Vulnerabilities
CVE-2022-30045
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-05-17
CVE-2021-31598
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.007
Published
2021-04-24
CVE-2021-31347
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).
CVSS Score
6.5
EPSS Score
0.012
Published
2021-04-16
CVE-2021-31348
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure).
CVSS Score
6.5
EPSS Score
0.009
Published
2021-04-16
CVE-2021-31229
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant.
CVSS Score
6.5
EPSS Score
0.015
Published
2021-04-15
CVE-2021-30485
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference while running strcmp() on a NULL pointer.
CVSS Score
6.5
EPSS Score
0.015
Published
2021-04-11
CVE-2021-26220
The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-02-08
CVE-2021-26221
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-02-08
CVE-2021-26222
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-02-08
CVE-2019-20201
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved