CVE-2018-20005

NONE EPSS 61.8%
Published Dec 10, 20187y ago ยท Modified Jun 17, 20262w ago
Find Similar
Published Dec 10, 2018 7y ago
Last Modified Jun 17, 2026 2w ago

Description

An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.

Threat Intelligence

EPSS Exploit Probability
61.8% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-416 Use After Free Memory Safety

Affected Products 3

VendorProductVersionRange
msweetmini-xml2.12any
fedoraprojectfedora28any
fedoraprojectfedora29any

References 4

  • github.com https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext
    ExploitThird Party Advisory
  • github.com https://github.com/michaelrsweet/mxml/issues/234
    Issue TrackingThird Party Advisory
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N53IJHDYR5HVQLKH4J6B27OEQLGKSGY5/
  • lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNWF6BAU7S42O4LE4B74KIMHFE2HDNMI/

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.