CVE-2022-22824

Published January 10th, 2022

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

libexpat/libexpat

:herb: Fast streaming XML parser written in C99 with >90% test coverage; moved from SourceForge to GitHub

GitHub

1.34K