CVE-2021-42859

NameCVE-2021-42859
Description** DISPUTED ** A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
mxml (PTS)buster2.12-2undetermined
bullseye3.2-1undetermined
bookworm, sid3.3-1undetermined

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
mxmlsource(unstable)undetermined

Notes

https://github.com/michaelrsweet/mxml/issues/286
check, unclear details from reporter and upstream cannot reproduce on current master
Search for package or bug name: Reporting problems