Lucene search
K

33 matches found

RedHat Linux
RedHat Linux
added 2022/03/14 10:48 a.m.3 views

expat: Integer overflow in addBinding in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...

9.8CVSS7.5AI score0.04829EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/14 10:16 a.m.5 views

expat: Integer overflow in addBinding in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...

9.8CVSS7.5AI score0.04829EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/10 4:37 p.m.5 views

expat: Integer overflow in addBinding in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...

9.8CVSS7.5AI score0.04829EPSS
Exploits0References5
CNVD
CNVD
added 2022/01/14 12:0 a.m.31 views

Expat addBinding function buffer overflow vulnerability

Expat is a fast streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in the addBinding in xmlparse.c when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary...

9.8CVSS6.2AI score0.04829EPSS
Exploits0References1
Veracode
Veracode
added 2022/01/11 9:49 a.m.31 views

Integer Overflow

libexpat.so is vulnerable to denial of serviceDOS attacks. The vulnerability exists due to the integer overflow in the addBinding of xmlparse.c, allowing an attacker to cause an application crash...

9.8CVSS4.3AI score0.04829EPSS
Exploits0References7Affected Software23
OSV
OSV
added 2022/01/10 2:12 p.m.4 views

DEBIAN-CVE-2022-22822

addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7.4AI score0.04829EPSS
Exploits0References1
OSV
OSV
added 2022/01/10 2:12 p.m.8 views

AZL-7156 CVE-2022-22822 affecting package expat for versions less than 2.4.3-1

addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7AI score0.04829EPSS
Exploits0References1
OSV
OSV
added 2022/01/10 2:12 p.m.3 views

UBUNTU-CVE-2022-22822

addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7AI score0.04829EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/01/10 12:0 a.m.3 views

Expat 输入验证错误漏洞

Expat is a fast streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in the addBinding in xmlparse.c when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary...

9.8CVSS9.3AI score0.04829EPSS
Exploits0References47
CVE
CVE
added 2022/01/08 2:57 a.m.411 views

CVE-2022-22822

CVE-2022-22822 affects Expat (libexpat) prior to 2.4.3, where addBinding in xmlparse.c can overflow an integer and enable remote code execution or other impact as described in published advisories. The vulnerability is tied to an integer overflow in xmlparse.c (addBinding), with CVSS-derived seve...

9.8CVSS9.5AI score0.04829EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2022/01/08 2:57 a.m.45 views

CVE-2022-22822

addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS8.8AI score0.04829EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/01/08 12:0 a.m.6 views

PT-2022-1362 · Expat +12 · Expat +12

Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to an integer overflow in the addBinding function of the Expat library. This could allow a remote attacker to execute arbitrary code on the system by persuading a...

10CVSS8.4AI score0.33936EPSS
Exploits16References313
Positive Technologies
Positive Technologies
added 2021/12/30 12:0 a.m.5 views

PT-2021-6138 · Expat +12 · Expat +12

Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to a left shift by 29 or more places in the storeAtts function in xmlparse.c, which can lead to realloc misbehavior, such as allocating too few bytes or only freeing...

9.8CVSS8.5AI score0.33936EPSS
Exploits5References234
Rows per page
Query Builder