Lucene search

K
cvelistMitreCVELIST:CVE-2021-45960
HistoryJan 01, 2022 - 6:47 p.m.

CVE-2021-45960

2022-01-0118:47:46
mitre
www.cve.org
13
expat
libexpat
left shift
vulnerability
xmlparse
realloc
misbehavior

AI Score

9.4

Confidence

High

EPSS

0.01

Percentile

83.8%

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).