GHSA-8mw4-grgw-m3fp

Опубликовано: 17 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

Ссылки

EPSS

Процентиль: 94%

0.13043

Средний

9.8 Critical

CVSS3

CVE ID

CVE-2022-25235

Дефекты

CWE-116

Связанные уязвимости

CVE-2022-25235

CVSS3: 9.8

ubuntu

больше 3 лет назад

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

CVE-2022-25235

CVSS3: 9.8

redhat

больше 3 лет назад

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

CVE-2022-25235

CVSS3: 9.8

nvd

больше 3 лет назад

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

CVE-2022-25235

CVSS3: 9.8

msrc

больше 3 лет назад

Описание отсутствует

CVE-2022-25235

CVSS3: 9.8

debian

больше 3 лет назад

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain valid ...

EPSS

Процентиль: 94%

0.13043

Средний

9.8 Critical

CVSS3

CVE ID

CVE-2022-25235

Дефекты

CWE-116