VDB
GCVE-110-MAGEIA-2019-159
GCVE-110-MAGEIA-2019-159
Advisory Published
Updated mxml packages fix security vulnerabilities:
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based
buffer overflow in mxml_write_node in mxml-file.c via vectors involving
a double-precision floating point number and the '<order type="real">'
substring, as demonstrated by testmxml (CVE-2018-20004).
An issue has been found in Mini-XML (aka mxml) 2.12. It is a
use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by
mxmldoc (CVE-2018-20005).
In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd
function of the mxml-node.c file. Remote attackers could leverage this
vulnerability to cause a denial-of-service via a crafted xml file, as
demonstrated by mxmldoc (CVE-2018-20592).
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in
the scan_file function in mxmldoc.c (CVE-2018-20593).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mxml | 0 (affected), 3.0-1.mga6 (unaffected), 3.0-1.mga6 (unaffected), 0 (affected) | — |
| Mageia | anki | 0 (affected), 2.1.15-1.1.mga7 (unaffected) | — |
Browse GCVE Records
73,280 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.