Show filters
36 Total Results
Displaying 11-20 of 36
Sort by:
Attacker Value
Unknown

CVE-2022-25236

Disclosure Date: February 16, 2022 (last updated October 07, 2023)
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-25235

Disclosure Date: February 16, 2022 (last updated October 07, 2023)
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23990

Disclosure Date: January 26, 2022 (last updated November 08, 2023)
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-23852

Disclosure Date: January 24, 2022 (last updated November 28, 2024)
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-22827

Disclosure Date: January 10, 2022 (last updated October 07, 2023)
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-22826

Disclosure Date: January 10, 2022 (last updated October 07, 2023)
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-22825

Disclosure Date: January 10, 2022 (last updated October 07, 2023)
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-22824

Disclosure Date: January 10, 2022 (last updated October 07, 2023)
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-22823

Disclosure Date: January 10, 2022 (last updated October 07, 2023)
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-22822

Disclosure Date: January 10, 2022 (last updated October 07, 2023)
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >