Description
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | ignored | will not be fixed upstream |
| esm-apps/bionic | ignored | will not be fixed upstream |
| esm-apps/focal | ignored | will not be fixed upstream |
| esm-apps/jammy | ignored | will not be fixed upstream |
| esm-apps/noble | ignored | will not be fixed upstream |
| esm-apps/xenial | ignored | will not be fixed upstream |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |

| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | needs-triage | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |

| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 1:4.9.3-1build1 |
| esm-apps/bionic | not-affected | code not present |
| esm-apps/focal | ignored | changes too intrusive |
| esm-apps/jammy | ignored | changes too intrusive |
| esm-apps/noble | not-affected | 1:4.9.2-5ubuntu4 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | ignored | end of standard support, was ignored [changes too intrusive] |
| groovy | ignored | end of life |

| Release | Status | Note |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 1:4.9.3-2build2 |
| esm-apps/focal | ignored | changes too intrusive |
| esm-apps/jammy | ignored | changes too intrusive |
| esm-apps/noble | not-affected | 1:4.9.0-1ubuntu4 |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |
| hirsute | ignored | end of life |
| impish | ignored | end of life |

| Release | Status | Note |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | needed | |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |

Source links
CVSS2: 4.3 Medium
CVSS3: 6.5 Medium
Related vulnerabilities
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature.
A vulnerability in the ezxml_decode function of the ezXML library for parsing XML documents, allowing an attacker to cause a denial of service