Описание
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| expat | fixed | 2.4.3-1 | package | |
| libxmltok | removed | package | ||
| libxmltok | ignored | bookworm | package |
Примечания
https://github.com/libexpat/libexpat/pull/539
https://github.com/libexpat/libexpat/commit/9f93e8036e842329863bf20395b8fb8f73834d9e (R_2_4_3)
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 4 лет назад
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS3: 9.8
redhat
около 4 лет назад
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS3: 9.8
nvd
около 4 лет назад
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVSS3: 9.8
github
почти 4 года назад
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.