CVE-2021-45960

Exploit

EPSS 0.37%
Published 01.01.2022 19:15:08
Last modified 05.05.2025 17:17:28
Source cve@mitre.org
Teams watchlist Login
Open Login

In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).

Affected products Warnungen 0 Metrics 4 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Libexpat Project ≫ Libexpat Version < 2.4.3

Tenable ≫ Nessus Version < 8.15.3

Tenable ≫ Nessus Version >= 10.0.0 < 10.1.1

Debian ≫ Debian Linux Version10.0

Debian ≫ Debian Linux Version11.0

Siemens ≫ Sinema Remote Connect Server Version < 3.1

Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere

Netapp ≫ Hci Baseboard Management Controller Versionh610c

Netapp ≫ Hci Baseboard Management Controller Versionh610s

Netapp ≫ Hci Baseboard Management Controller Versionh615c

Netapp ≫ Oncommand Workflow Automation Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.37%	0.583

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-682 Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

Patch

Third Party Advisory

http://www.openwall.com/lists/oss-security/2022/01/17/3

Third Party Advisory

Exploit

Mailing List

https://bugzilla.mozilla.org/show_bug.cgi?id=1217609

Third Party Advisory

Issue Tracking

Permissions Required

https://github.com/libexpat/libexpat/issues/531