Описание
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | |
| disco | ignored | end of life, was needed |
| esm-apps/bionic | not-affected | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | not-affected | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2
TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::P ...
** DISPUTED ** TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2.
7.5 High
CVSS2
9.8 Critical
CVSS3