| Release | Version |
|---|---|
| jessie | 2.2.0-1 |
| stretch | 4.0.1-1 |
| buster | 7.0.0+dfsg-1 |
| bullseye | 8.0.0+dfsg-2 |
| bookworm | 9.0.0+dfsg-3.1 |
| trixie | 10.0.0+dfsg-2 |
| sid | 10.0.0+dfsg-2 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-50615 | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, ... |
| CVE-2024-50614 | vulnerable | vulnerable (no DSA, postponed) | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable | vulnerable | TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, tha ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-11210 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::P ... |