CVE-2021-31598

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.

Summary:

An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted XML files, leading to a heap-based buffer overflow.

Reference Links(if available):

  • https://sourceforge.net/p/ezxml/bugs/28/
  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)