Vulnerabilities > CVE-2023-34194 - Reachable Assertion vulnerability in Tinyxml Project Tinyxml

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
tinyxml-project
CWE-617

Summary

StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.

Common Weakness Enumeration (CWE)