Mini-xml Project Mini-xml — known CVE vulnerabilities
Every CVE whose affected-product data names Mini-xml Project Mini-xml, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2018-20004 — CVSS 8.8 (high): An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors…
CVE-2021-42859 — CVSS 7.5 (high): A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some…
CVE-2021-42860 — CVSS 7.5 (high): A stack buffer overflow exists in Mini-XML v3.2. When inputting an unformed XML string to the mxmlLoadString API, it will cause a…
CVE-2016-4570 — CVSS 5.5 (medium): The mxmlDelete function in mxml-node.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service (stack…
CVE-2016-4571 — CVSS 5.5 (medium): The mxml_write_node function in mxml-file.c in mxml 2.9, 2.7, and possibly earlier allows remote attackers to cause a denial of service…