GHSA-3gf2-723m-w3fv

Опубликовано: 19 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

Ссылки

EPSS

Процентиль: 37%

0.00155

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-25313

Дефекты

CWE-400

CWE-674

Связанные уязвимости

CVE-2022-25313

CVSS3: 6.5

ubuntu

почти 4 года назад

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

CVE-2022-25313

CVSS3: 6.5

redhat

почти 4 года назад

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

CVE-2022-25313

CVSS3: 6.5

nvd

почти 4 года назад

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

CVE-2022-25313

CVSS3: 6.5

msrc

почти 4 года назад

In Expat (aka libexpat) before 2.4.5 an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

CVE-2022-25313

CVSS3: 6.5

debian

почти 4 года назад

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack ex ...

EPSS

Процентиль: 37%

0.00155

Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-25313

Дефекты

CWE-400

CWE-674