Tinyxml2 Project Tinyxml2 — known CVE vulnerabilities
Every CVE whose affected-product data names Tinyxml2 Project Tinyxml2, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-11210 — CVSS 9.8 (critical): TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have…
CVE-2024-50614 — CVSS 6.5 (medium): TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp…
CVE-2024-50615 — CVSS 6.5 (medium): TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp…