56 matches found
SUSE CVE-2017-20006
UnRAR 5.6.1.2 and 5.6.1.3 has a heap-based buffer overflow in Unpack::CopyString called from Unpack::Unpack5 and CmdExtract::ExtractCurrentFile...
SUSE CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
expat: Integer overflow in copyString()
An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded rather than user input, takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service...
ASB-A-221384482
from https://nvd.nist.gov/vuln/detail/CVE-2022-25314 In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString. In copyString of xmlparse.c, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional...
expat: Integer overflow in copyString()
An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded rather than user input, takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service...
expat: Integer overflow in copyString()
An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded rather than user input, takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service...
RHEL 8 : expat (RHSA-2022:5314)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5314 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: stack exhaustion in doctype parsing CVE-2022-25313 expat: integer...
The vulnerability of the Unpack::CopyString function in the UnRAR file decompression tool allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Unpack::CopyString function in the UnRAR file decompression tool is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the copyString function in the Expat library, related to integer overflow, allows an attacker to cause a service failure.
The vulnerability of the copyString function in the Expat library is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause a service failure by sending a specially crafted request...
Expat integer overflow vulnerability (CNVD-2022-18353)
Expat is a fast streaming XML parser written in C. Expat is vulnerable to an integer overflow vulnerability that stems from an integer overflow in copyString. No detailed vulnerability details are currently available...
CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
ALPINE-CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
AZL-8624 CVE-2022-25314 affecting package expat for versions less than 2.4.8-1
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
DEBIAN-CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
Integer overflow
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
UBUNTU-CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
CVE-2022-25314
In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString...
CVE-2022-25314
CVE-2022-25314 affects Expat (libexpat) and is caused by an integer overflow in copyString() in xmlparse.c. The issue can enable arbitrary code execution or crash the process when processing crafted input. Public advisories and bulletins from AlmaLinux, AlmaLinux 9/8, Astra Linux, Cloud Foundry, ...