33 matches found
expat: Integer overflow in addBinding in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...
expat: Integer overflow in addBinding in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...
expat: Integer overflow in addBinding in xmlparse.c
expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...
Expat addBinding function buffer overflow vulnerability
Expat is a fast streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in the addBinding in xmlparse.c when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary...
Integer Overflow
libexpat.so is vulnerable to denial of serviceDOS attacks. The vulnerability exists due to the integer overflow in the addBinding of xmlparse.c, allowing an attacker to cause an application crash...
DEBIAN-CVE-2022-22822
addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
AZL-7156 CVE-2022-22822 affecting package expat for versions less than 2.4.3-1
addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
UBUNTU-CVE-2022-22822
addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
Expat 输入验证错误漏洞
Expat is a fast streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in the addBinding in xmlparse.c when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary...
CVE-2022-22822
CVE-2022-22822 affects Expat (libexpat) prior to 2.4.3, where addBinding in xmlparse.c can overflow an integer and enable remote code execution or other impact as described in published advisories. The vulnerability is tied to an integer overflow in xmlparse.c (addBinding), with CVSS-derived seve...
CVE-2022-22822
addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
PT-2022-1362 · Expat +12 · Expat +12
Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to an integer overflow in the addBinding function of the Expat library. This could allow a remote attacker to execute arbitrary code on the system by persuading a...
PT-2021-6138 · Expat +12 · Expat +12
Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to a left shift by 29 or more places in the storeAtts function in xmlparse.c, which can lead to realloc misbehavior, such as allocating too few bytes or only freeing...