CVE-2021-46143

Опубликовано: 06 янв. 2022

Источник: debian

Описание

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.4.3-1		package
libxmltok	fixed	1.2-4.2		package
libxmltok	ignored		bookworm	package

https://github.com/libexpat/libexpat/issues/532
https://github.com/libexpat/libexpat/pull/538
https://github.com/libexpat/libexpat/commit/85ae9a2d7d0e9358f356b33977b842df8ebaec2b (R_2_4_3)

CVE-2021-46143

CVSS3: 8.1

ubuntu

около 4 лет назад

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

CVE-2021-46143

CVSS3: 7.8

redhat

около 4 лет назад

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

CVE-2021-46143

CVSS3: 8.1

nvd

около 4 лет назад

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

CVE-2021-46143

CVSS3: 7.8

msrc

около 4 лет назад

Описание отсутствует

GHSA-j6g2-cvhq-p8xr

CVSS3: 7.8

github

почти 4 года назад

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.