Libexpat Project: >> Libexpat >> 2.4.4 Security Vulnerabilities
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVSS Score
9.8
EPSS Score
0.075
Published
2022-02-18
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVSS Score
9.8
EPSS Score
0.13
Published
2022-02-16
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
CVSS Score
9.8
EPSS Score
0.092
Published
2022-02-16
Page 2