CVSS: 7.5EPSS: 3%CPEs: 9EXPL: 1CVE-2022-23990 – expat: integer overflow in the doProlog function
https://notcve.org/view.php?id=CVE-2022-23990
26 Jan 2022 — Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. Expat (también se conoce como libexpat) versiones anteriores a 2.4.4, presenta un desbordamiento de enteros en la función doProlog A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service. Red... • https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23990 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 8EXPL: 1CVE-2022-23852 – expat: Integer overflow in function XML_GetBuffer
https://notcve.org/view.php?id=CVE-2022-23852
24 Jan 2022 — Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. Expat (también se conoce como libexpat) versiones anteriores a 2.4.4, presenta un desbordamiento de enteros con signo en la función XML_GetBuffer, para configuraciones con un XML_CONTEXT_BYTES no nulo expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can ... • https://github.com/Satheesh575555/external_expat_AOSP10_r33_CVE-2022-23852 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2022-22822 – expat: Integer overflow in addBinding in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22822
08 Jan 2022 — addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función addBinding en el archivo xmlparse.c en Expat (también se conoce como libexpat) antes de 2.4.3 presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability ... • https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2022-22822toCVE-2022-22827 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22823 – expat: Integer overflow in build_model in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22823
08 Jan 2022 — build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función build_model en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerabilit... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22824 – expat: Integer overflow in defineAttribute in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22824
08 Jan 2022 — defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función defineAttribute en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vuln... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22825 – expat: Integer overflow in lookup in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22825
08 Jan 2022 — lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función lookup en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to av... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22826 – expat: Integer overflow in nextScaffoldPart in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22826
08 Jan 2022 — nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función nextScaffoldPart en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vu... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-22827 – expat: Integer overflow in storeAtts in xmlparse.c
https://notcve.org/view.php?id=CVE-2022-22827
08 Jan 2022 — storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. la función storeAtts en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, presenta un desbordamiento de enteros expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is... • http://www.openwall.com/lists/oss-security/2022/01/17/3 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.1EPSS: 4%CPEs: 11EXPL: 2CVE-2021-46143 – expat: Integer overflow in doProlog in xmlparse.c
https://notcve.org/view.php?id=CVE-2021-46143
06 Jan 2022 — In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. En la función doProlog en el archivo xmlparse.c en Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, se presenta un desbordamiento de enteros para m_groupSize. expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. ... • https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2021-46143 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.0EPSS: 0%CPEs: 12EXPL: 5CVE-2021-45960 – expat: Large number of prefixed XML attributes on a single tag can crash libexpat
https://notcve.org/view.php?id=CVE-2021-45960
01 Jan 2022 — In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). En Expat (también se conoce como libexpat) versiones anteriores a 2.4.3, un desplazamiento a la izquierda por 29 (o más) lugares en la función storeAtts en el archivo xmlparse.c puede conllevar a un comportamiento incorrecto de reasignación (por ejemplo, asignar muy pocos bytes, o sólo liberar memoria). exp... • https://github.com/nanopathi/external_expat_AOSP10_r33_CVE-2021-45960 • CWE-130: Improper Handling of Length Parameter Inconsistency CWE-682: Incorrect Calculation •