Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:33582
HistoryJan 11, 2022 - 6:52 a.m.

Integer Overflow

2022-01-1106:52:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
22
libexpat.so
integer overflow
xmlparse.c
defineattribute
application crash

EPSS

0.014

Percentile

86.4%

libexpat.so is vulnerable to Integer Overflow. The vulnerability exists because the defineAttribute function of xmlparse.c doesn’t check the input length which allows an attacker to leverage an overflow causing an application crash.