Summaryinfo

A vulnerability was found in GNOME anjuta. It has been classified as problematic. This affects the function xmlGetProp of the file anjuta/plugins/document-manager/anjuta-bookmarks.c of the component libxml2 API. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2021-42522. There is no exploit available. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Detailsinfo

A vulnerability was found in GNOME anjuta (affected version not known) and classified as problematic. Affected by this issue is the function xmlGetProp of the file anjuta/plugins/document-manager/anjuta-bookmarks.c of the component libxml2 API. The manipulation with an unknown input leads to a information disclosure vulnerability. Using CWE to declare the problem leads to CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Impacted is confidentiality. CVE summarizes:

There is a Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of libxml2 API. The vendor forgot to call 'g_free()' to release the return value of 'xmlGetProp()'.

The weakness was released 08/26/2022 as 12. The advisory is shared for download at gitlab.gnome.org. This vulnerability is handled as CVE-2021-42522 since 10/15/2021. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1592.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Vendor

• GNOME

Name

• anjuta

License

• open-source

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion