VDB
GCVE-110-MAGEIA-2022-31
GCVE-110-MAGEIA-2022-31
Advisory Published
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places
in the storeAtts function in xmlparse.c can lead to realloc misbehavior
(e.g., allocating too few bytes, or only freeing memory). (CVE-2021-45960)
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer
overflow exists for m_groupSize. (CVE-2021-46143)
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an
integer overflow. (CVE-2022-22822)
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an
integer overflow. (CVE-2022-22823)
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an
integer overflow. (CVE-2022-22824)
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer
overflow. (CVE-2022-22825)
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an
integer overflow. (CVE-2022-22826)
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an
integer overflow. (CVE-2022-22827)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | nextcloud-client | 3.4.3-1.mga8 (unaffected), 0 (affected) | — |
| Mageia | expat | 0 (affected), 2.2.10-1.1.mga8 (unaffected), 0 (affected), 2.2.10-1.1.mga8 (unaffected) | — |
References
Browse GCVE Records
73,393 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.