Описание
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mapcache | unfixed | package | ||
| scilab | fixed | 2024.1.0+dfsg1-1 | package | |
| netcdf | fixed | 1:4.9.0-1 | package | |
| netcdf | ignored | bullseye | package | |
| netcdf | ignored | buster | package | |
| netcdf-parallel | fixed | 1:4.9.0-1 | package | |
| netcdf-parallel | ignored | bullseye | package | |
| netcdf-parallel | ignored | buster | package |
Примечания
https://sourceforge.net/p/ezxml/bugs/29/
mapcache only uses ezxml to parse config files which are trusted
EPSS
Связанные уязвимости
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap out-of-bounds read.
Уязвимость функции ezxml_decode библиотеки для синтаксического анализа XML-документов ezXML, позволяющая нарушителю вызвать отказ в обслуживании
EPSS