Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2022-25235

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

Source

Description

The MITRE CVE dictionary describes this issue as:

xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.

Additional Information

Bugzilla 2056366: CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
CWE-838: Inappropriate Encoding for Output Context
FAQ: Frequently asked questions about CVE-2022-25235

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Description

Additional Information

Vulmon Search

About

Products

Connect