Vulnerabilities > Libexpat Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-24	CVE-2022-23852	Integer Overflow or Wraparound vulnerability in multiple products Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. network low complexity libexpat-project netapp tenable debian oracle siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22822	Integer Overflow or Wraparound vulnerability in multiple products addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable siemens debian CWE-190 critical	9.8
2022-01-10	CVE-2022-22823	Integer Overflow or Wraparound vulnerability in multiple products build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22824	Integer Overflow or Wraparound vulnerability in multiple products defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190 critical	9.8
2022-01-10	CVE-2022-22825	Integer Overflow or Wraparound vulnerability in multiple products lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190	8.8
2022-01-10	CVE-2022-22826	Integer Overflow or Wraparound vulnerability in multiple products nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190	8.8
2022-01-10	CVE-2022-22827	Integer Overflow or Wraparound vulnerability in multiple products storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. network low complexity libexpat-project tenable debian siemens CWE-190	8.8
2022-01-06	CVE-2021-46143	Integer Overflow or Wraparound vulnerability in multiple products In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. local low complexity libexpat-project netapp tenable siemens CWE-190	7.8
2022-01-01	CVE-2021-45960	Incorrect Calculation vulnerability in multiple products In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). network low complexity libexpat-project tenable debian siemens netapp CWE-682	8.8
2019-09-04	CVE-2019-15903	XML Entity Expansion vulnerability in multiple products In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. network low complexity libexpat-project python CWE-776	7.5

Vulnerabilities > Libexpat Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Libexpat Project"}]}

Vulnerabilities > Libexpat Project