CVE-2019-20202
Description
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_char_content() tries to use realloc on a block that was not allocated, leading to an invalid free and segmentation fault.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ezXML 0.8.3–0.8.6 calls realloc on a non-allocated block in ezxml_char_content(), causing a free of invalid memory and segmentation fault.
Vulnerability
The ezxml_char_content() function in ezXML versions 0.8.3 through 0.8.6 attempts to call realloc on a memory block that was never allocated by malloc() or a related function, as reported in [1]. This leads to an invalid free operation when realloc internally frees the old pointer. The issue is triggered during XML parsing via ezxml_parse_file() or ezxml_parse_str() when handling a specially crafted XML file that results in ezxml_char_content() being called on uninitialized or improperly managed memory [1].
Exploitation
An attacker can cause a denial of service by providing a malicious XML file to an application using the vulnerable ezXML library. No special authentication or network position is required beyond the ability to supply the XML input (e.g., via file upload, network input, or configuration file) [1]. The crash occurs during parsing at ezxml.c:248 as shown in the AddressSanitizer report, without requiring any user interaction beyond the parse call [1].
Impact
Successful exploitation results in a segmentation fault due to an invalid free, causing the application to crash. This is a denial-of-service condition (availability impact) with no impact on confidentiality or integrity [1]. The crash is reproducible both under AddressSanitizer and without it [1].
Mitigation
As of the last available reference [1] (2019), no patched version has been released. The maintainer listed the bug as acknowledged but no fix was provided. Users of ezXML 0.8.3 through 0.8.6 should consider upgrading to a newer version if one becomes available, or avoid processing untrusted XML input. No official workaround is documented. The vulnerability is not listed on CISA’s Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
59- ezXML/ezXMLdescription
- osv-coords57 versionspkg:rpm/opensuse/netcdf_4_6_1-gnu-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_6_1-gnu-mpich-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_6_1-gnu-mvapich2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_6_1-gnu-openmpi1-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_6_1-gnu-openmpi2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_3-gnu-hpc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/netcdf_4_7_3-gnu-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_3-gnu-mpich-hpc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/netcdf_4_7_3-gnu-mpich-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_3-gnu-mvapich2-hpc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/netcdf_4_7_3-gnu-mvapich2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_3-gnu-openmpi2-hpc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/netcdf_4_7_3-gnu-openmpi2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_3-gnu-openmpi3-hpc&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/netcdf_4_7_3-gnu-openmpi3-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_4-gnu-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_4-gnu-mpich-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_4-gnu-mvapich2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_4-gnu-openmpi2-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_4-gnu-openmpi3-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf_4_7_4-gnu-openmpi4-hpc&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf-openmpi2&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf-openmpi3&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf-openmpi4&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/netcdf-openmpi&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/netcdf_4_6_1-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/netcdf_4_6_1-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/netcdf_4_6_1-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/netcdf_4_7_3-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP2pkg:rpm/suse/netcdf_4_7_3-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP2pkg:rpm/suse/netcdf_4_7_3-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP2pkg:rpm/suse/netcdf_4_7_3-gnu-openmpi2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP2pkg:rpm/suse/netcdf_4_7_3-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP2pkg:rpm/suse/netcdf_4_7_4-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-mpich-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-mvapich2-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-openmpi3-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-openmpi4-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP3pkg:rpm/suse/netcdf_4_7_4-gnu-openmpi4-hpc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3
< 4.6.1-10.7.2+ 56 more
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.7.3-lp152.2.6.1
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-lp152.2.6.1
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-lp152.2.6.1
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-lp152.2.6.1
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-lp152.2.6.1
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-10.7.2
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.6.1-5.7.1
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.3-3.7.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
- (no CPE)range: < 4.7.4-4.3.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- sourceforge.net/p/ezxml/bugs/17/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.