CVE-2026-25210

Опубликовано: 30 янв. 2026

Источник: nvd

CVSS3: 6.9

EPSS Низкий

Описание

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

Ссылки

EPSS

Процентиль: 0%

0.00006

Низкий

6.9 Medium

CVSS3

Дефекты

CWE-190

Связанные уязвимости

CVE-2026-25210

CVSS3: 6.9

ubuntu

9 дней назад

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

CVE-2026-25210

CVSS3: 6.9

debian

9 дней назад

In libexpat before 2.7.4, the doContent function does not properly det ...

GHSA-857q-6v86-xp84

CVSS3: 6.9

github

9 дней назад

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

EPSS

Процентиль: 0%

0.00006

Низкий

6.9 Medium

CVSS3

Дефекты

CWE-190