suse · CVE-2019-20198

Quick triage

Priority: medium Published: 2021-10-21 01:28:31 UTC Updated: 2025-08-14 01:52:31 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2019-20198 severity moderate: SUSE including 249 source package names (libnetcdf-gnu-hpc, libnetcdf-gnu-hpc-4.6.1-10.7.2, …), 642 product×package rows across 25 product lines (SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS, SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS, … (25 product lines)): Fixed 575, Known Not Affected 67.

Description:

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_ent_ok() mishandles recursion, leading to stack consumption for a crafted XML file.

cvelogic Threat Intelligence