CVE-2018-20005

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
Group Package Affected Fixed Severity Status Ticket
AVG-922 mxml 2.12-1 3.0-1 High Fixed
References
https://github.com/michaelrsweet/mxml/commit/eadf40fa7049e43dd5757df5945e9ec1c491e8a4
https://github.com/fouzhe/security/tree/master/mxml#heap-use-after-free-in-function-mxmlwalknext