Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the doContent function in xmlparse.c. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation...

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

ALPINE-CVE-2022-22825

lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

ALPINE-CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

UBUNTU-CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...