UBUNTU-CVE-2021-42859

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2021-42859

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42859.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2021-42859

Withdrawn

2025-06-23T15:54:06Z

Published

2022-05-26T12:15:00Z

Modified

2022-05-26T12:15:00Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

** DISPUTED ** A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release.

References

Affected packages

Ubuntu:Pro:16.04:LTS / mxml

Package

Name: mxml
Purl: pkg:deb/ubuntu/mxml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.7-1

2.9-0ubuntu1

2.9-0ubuntu2

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42859.json"

Ubuntu:Pro:18.04:LTS / mxml

Package

Name: mxml
Purl: pkg:deb/ubuntu/mxml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.10-1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42859.json"

Ubuntu:20.04:LTS / mxml

Package

Name: mxml
Purl: pkg:deb/ubuntu/mxml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.12-2

3.*

3.1-1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42859.json"

Ubuntu:22.04:LTS / mxml

Package

Name: mxml
Purl: pkg:deb/ubuntu/mxml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.2-1

3.3-1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42859.json"

Ubuntu:24.04:LTS / mxml

Package

Name: mxml
Purl: pkg:deb/ubuntu/mxml

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.3.1-1

3.3.1-1build1

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2021/UBUNTU-CVE-2021-42859.json"