Uploaded image for project: 'Xerces-C++'
  1. Xerces-C++
  2. XERCESC-2188

Use-after-free on external DTD scan

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.0.0, 3.0.1, 3.0.2, 3.1.0, 3.1.1, 3.1.2, 3.2.0, 3.1.3, 3.1.4, 3.2.1, 3.2.2
    • Fix Version/s: None
    • Component/s: Validating Parser (DTD)
    • Labels:
      None

      Description

      This is a record of an unfixed bug reported in 2018 in the DTD scanner, per the attached PDF, corresponding to CVE-2018-1311.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              scantor Scott Cantor
            • Votes:
              2 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

              • Created:
                Updated: