Vulnerability CVE-2023-34194
Published: 2023-12-13   Modified: 2023-12-14

Description:
StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has a reachable assertion (and application exit) via a crafted XML document with a '\0' located after whitespace.

 References:
https://sourceforge.net/p/tinyxml/git/ci/master/tree/tinyxmlparser.cpp
https://www.forescout.com/resources/sierra21-vulnerabilities
Copyright 2026, cxsecurity.com

 

Back to Top