OESA-2022-1521
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1521
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-1521.json
- JSON Data
- https://api.osv.dev/v1/vulns/OESA-2022-1521
- Upstream
- Published
- 2022-02-11T11:03:31Z
- Modified
- 2025-09-03T06:17:40.801683Z
- Summary
- tinyxml security update
- Details
-
TinyXML parses an XML document, and builds from that a Document Object Model (DOM) that can be read, modified, and saved. XML is a very structured and convenient format. All those random file formats created to store application data can all be replaced with XML. One parser for everything.
Security Fix(es):
TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXMLUTFLEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.(CVE-2021-42260)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:20.03-LTS-SP1 / tinyxml
Package
- Name
- tinyxml
- Purl
- pkg:rpm/openEuler/tinyxml&distro=openEuler-20.03-LTS-SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6.2-22.oe1
Ecosystem specific
{
"aarch64": [
"tinyxml-debuginfo-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-debugsource-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-devel-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-2.6.2-22.oe1.aarch64.rpm"
],
"x86_64": [
"tinyxml-debugsource-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-debuginfo-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-devel-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-2.6.2-22.oe1.x86_64.rpm"
],
"src": [
"tinyxml-2.6.2-22.oe1.src.rpm"
]
}
openEuler:20.03-LTS-SP2 / tinyxml
Package
- Name
- tinyxml
- Purl
- pkg:rpm/openEuler/tinyxml&distro=openEuler-20.03-LTS-SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6.2-22.oe1
Ecosystem specific
{
"aarch64": [
"tinyxml-devel-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-debugsource-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-debuginfo-2.6.2-22.oe1.aarch64.rpm"
],
"x86_64": [
"tinyxml-debugsource-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-devel-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-debuginfo-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-2.6.2-22.oe1.x86_64.rpm"
],
"src": [
"tinyxml-2.6.2-22.oe1.src.rpm"
]
}
openEuler:20.03-LTS-SP3 / tinyxml
Package
- Name
- tinyxml
- Purl
- pkg:rpm/openEuler/tinyxml&distro=openEuler-20.03-LTS-SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.6.2-22.oe1
Ecosystem specific
{
"aarch64": [
"tinyxml-devel-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-debuginfo-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-debugsource-2.6.2-22.oe1.aarch64.rpm",
"tinyxml-2.6.2-22.oe1.aarch64.rpm"
],
"x86_64": [
"tinyxml-debugsource-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-debuginfo-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-devel-2.6.2-22.oe1.x86_64.rpm",
"tinyxml-2.6.2-22.oe1.x86_64.rpm"
],
"src": [
"tinyxml-2.6.2-22.oe1.src.rpm"
]
}