GHSA-h83g-c7g2-6r9h

Опубликовано: 10 фев. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

Ссылки

EPSS

Процентиль: 89%

0.04947

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2022-23852

Дефекты

CWE-190

Связанные уязвимости

CVE-2022-23852

CVSS3: 9.8

ubuntu

почти 4 года назад

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

CVE-2022-23852

CVSS3: 9.8

redhat

почти 4 года назад

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

CVE-2022-23852

CVSS3: 9.8

nvd

почти 4 года назад

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

CVE-2022-23852

CVSS3: 9.8

msrc

почти 4 года назад

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer for configurations with a nonzero XML_CONTEXT_BYTES.

CVE-2022-23852

CVSS3: 9.8

debian

почти 4 года назад

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML ...

EPSS

Процентиль: 89%

0.04947

Низкий

9.8 Critical

CVSS3

CVE ID

CVE-2022-23852

Дефекты

CWE-190