163 matches found
CVE-2022-22824
defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22824
defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22824
defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22825
CVE-2022-22825 is an integer overflow in the lookup function of xmlparse.c in Expat (libexpat), present in versions before 2.4.3. The vulnerability is in the code execution impact class due to heap memory mismanagement resulting from the overflow, with a CVSS v3.1 base score of 8.8 (high) and network/remote exp...
CVE-2022-22826
CVE-2022-22826 is an integer overflow in the Expat (libexpat) XML parser, specifically in nextScaffoldPart of xmlparse.c, affecting versions before 2.4.3. The initial CVE description confirms the overflow, and connected advisories/patch notes (e.g., AlmaLinux ALAS-2022-1603/7692, CESA-2022:1069) ...
CVE-2022-22826
nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22826
nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22827
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22827
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22827
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
CVE-2022-22827
CVE-2022-22827 affects Expat (libexpat): storeAtts in xmlparse.c has an integer overflow in versions before 2.4.3. The vulnerability can be triggered by processing crafted XML content and, as described in the advisories, may lead to crashes or arbitrary code execution in some contexts. Aff...
PT-2022-1762 · Expat +12
Name of the Vulnerable Software and Affected Versions: Expat versions prior to 2.4.3 Description: The issue is related to an integer overflow in the build_model function in xmlparse.c of the Expat library. This could allow a remote attacker to execute arbitrary code on the system by persuading a...
PT-2022-1760 · Expat +12
Name of the Vulnerable Software and Affected Versions: Expat aka libexpat versions prior to 2.4.3 Description: The issue is related to an integer overflow in the storeAtts function in xmlparse.c of the Expat library. This could allow a remote attacker to execute arbitrary code. Recommendations: F...
CVE-2021-46143
In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for m_groupSize...
AZL-7155 CVE-2021-46143 affecting package expat for versions less than 2.4.3-1
In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for m_groupSize...
DEBIAN-CVE-2021-46143
In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for m_groupSize...
UBUNTU-CVE-2021-46143
In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for m_groupSize...
CVE-2021-46143
CVE-2021-46143 affects libexpat (Expat) in doProlog (xmlparse.c) with an integer overflow on m_groupSize prior to 2.4.3. The linked advisories and databases confirm related Expat overflow issues (and other overflow variants such as addBinding, build_model, defineAttribute, lookup, nextScaffoldPar...
CVE-2021-46143
In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for m_groupSize...
Expat Input Validation Error Vulnerability
Expat is a fast streaming XML parser written in C. Expat is vulnerable in versions prior to 2.4.3. The vulnerability stems from m_groupSize in Expat's xmlparse.c that does not properly validate data boundaries when performing operations on memory, resulting in incorrect read and write operations...