CVE-2022-25315
- EPSS 9%
- Published 18.02.2022 05:15:08
- Last modified 05.05.2025 17:18:01
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVE-2022-25314
- EPSS 0.56%
- Published 18.02.2022 05:15:08
- Last modified 05.05.2025 17:18:01
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVE-2022-25313
- EPSS 0.16%
- Published 18.02.2022 05:15:08
- Last modified 30.05.2025 20:15:26
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
CVE-2022-25236
- EPSS 10.89%
- Published 16.02.2022 01:15:07
- Last modified 05.05.2025 17:18:01
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
CVE-2022-25235
- EPSS 11.91%
- Published 16.02.2022 01:15:07
- Last modified 05.05.2025 17:18:00
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVE-2022-23990
- EPSS 4.36%
- Published 26.01.2022 19:15:08
- Last modified 05.05.2025 17:17:59
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2022-23852
- EPSS 1.71%
- Published 24.01.2022 02:15:06
- Last modified 05.05.2025 17:17:58
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2022-22827
- EPSS 0.25%
- Published 10.01.2022 14:12:57
- Last modified 05.05.2025 17:17:53
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22826
- EPSS 0.18%
- Published 10.01.2022 14:12:57
- Last modified 05.05.2025 17:17:53
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22825
- EPSS 0.18%
- Published 10.01.2022 14:12:56
- Last modified 05.05.2025 17:17:53
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.