Описание
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 2.6.2-6.1 |
| esm-apps/bionic | released | 2.6.2-4ubuntu0.18.04.1~esm2 |
| esm-apps/focal | released | 2.6.2-4+deb10u2build0.20.04.1 |
| esm-apps/jammy | released | 2.6.2-6ubuntu0.22.04.1 |
| esm-apps/noble | not-affected | 2.6.2-6.1 |
| esm-infra/xenial | released | 2.6.2-3ubuntu0.1~esm2 |
| focal | released | 2.6.2-4+deb10u2build0.20.04.1 |
| jammy | released | 2.6.2-6ubuntu0.22.04.1 |
| lunar | ignored | end of life, was needs-triage |
Показывать по
7.5 High
CVSS3
Связанные уязвимости
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML ...
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.
Уязвимость функции TiXmlDeclaration::Parse() компонента tinyxmlparser.cpp XML-парсера TinyXML, позволяющая нарушителю вызвать отказ в обслуживании
7.5 High
CVSS3