CVE-2022-23852

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-01-24 02:15

Updated : 2024-02-28 18:48


NVD link : CVE-2022-23852

Mitre link : CVE-2022-23852

CVE.ORG link : CVE-2022-23852


JSON object : View

Products Affected

siemens

  • sinema_remote_connect_server

tenable

  • nessus

netapp

  • clustered_data_ontap
  • oncommand_workflow_automation

libexpat_project

  • libexpat

debian

  • debian_linux

oracle

  • communications_metasolv_solution
CWE
CWE-190

Integer Overflow or Wraparound