Security Advisory

CVE-2021-28040

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-05 17:46:34

Last updated 2024-08-03 21:33:17

Assigner mitre

State PUBLISHED

Description

An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vulnerability in os_xml.c occurs when a large number of opening and closing XML tags is used. Because recursion is used in _ReadElem without restriction, an attacker can trigger a segmentation fault once unmapped memory is reached.

← Browse all CVEs View on cve.org ↗