CVE-2018-20592

Name of the Vulnerable Software and Affected Versions Mini-XML version 2.12

Description The issue is related to a use-after-free in the mxmlAdd function of the mxml-node.c file. This could allow remote attackers to cause a denial-of-service via a crafted XML file.

Recommendations For Mini-XML version 2.12, consider avoiding the use of the mxmlAdd function until a patch is available. As a temporary workaround, restrict the processing of crafted XML files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.