Ezxml Project: >> Ezxml >> 0.8.4 Security Vulnerabilities
The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-02-08
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-02-08
The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB write when opening XML file after exhausting the memory pool.
CVSS Score
8.1
EPSS Score
0.004
Published
2021-02-08
An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_* functions mishandle XML entities, leading to an infinite loop in which memory allocations occur.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-12-31
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-12-31
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file.
CVSS Score
6.5
EPSS Score
0.007
Published
2019-12-31
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to NULL pointer dereference while running strlen() on a NULL pointer.
CVSS Score
6.5
EPSS Score
0.008
Published
2019-12-31
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing crafted a XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
CVSS Score
6.5
EPSS Score
0.005
Published
2019-12-31
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a pointer after a '\0' character (where the processing of a string was finished).
CVSS Score
6.5
EPSS Score
0.007
Published
2019-12-26
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content puts a pointer to the internal address of a larger block as xml->txt. This is later deallocated (using free), leading to a segmentation fault.
CVSS Score
7.5
EPSS Score
0.004
Published
2019-12-26
Page 1