Home > Vulnerability Database > CVE-2021-42859

Mend.io Vulnerability Database

CVE-2021-42859

Date: May 26, 2022

** DISPUTED ** A memory leak issue was discovered in Mini-XML v3.2 that could cause a denial of service. NOTE: testing reports are inconsistent, with some testers seeing the issue in both the 3.2 release and in the October 2021 development code, but others not seeing the issue in the 3.2 release.

Language: C

Severity Score

7.5

Related Resources (4)

Url: https://github.com/michaelrsweet/mxml/issues/286

Url: https://security-tracker.debian.org/tracker/CVE-2021-42859

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-42859

Url: https://www.mend.io/vulnerability-database/CVE-2021-42859

Severity Score

7.5

Weakness Type (CWE)

Missing Release of Resource after Effective Lifetime

CWE-772

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-42859

Date: May 26, 2022

Language: C

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?