Fluid Attacks Database

Description

Format string vulnerability in xml_elem.c for XMLStarlet Command Line XML Toolkit 0.9.3 may allow attackers to cause a denial of service or execute arbitrary code.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	xmlstarlet	>=0 <1.0.0-1	1.0.0-1
debian 11	xmlstarlet	>=0 <1.0.0-1	1.0.0-1
debian 13	xmlstarlet	>=0 <1.0.0-1	1.0.0-1
debian 14	xmlstarlet	>=0 <1.0.0-1	1.0.0-1

Aliases

1. CVE-2004-21602. NVD-2004-21603. OSV-DEBIAN-2004-21604. OSV-2004-21605. SECURITY-TRACKER-CVE-2004-2160

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.