Description

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

Remediation

References

CVE-2022-25313

Related Vulnerabilities

WordPress Plugin Feedweb Unspecified Vulnerability (3.0.10)

WordPress Plugin Shared Files-Easy Download Manager and File Sharing with Frontend File Upload Cross-Site Scripting (1.6.60)

WordPress Plugin Slimstat Analytics SQL Injection (5.0.4)

Chamilo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-39582)

Moodle Resource Management Errors Vulnerability (CVE-2015-0217)

Severity

Medium

Classification

CVE-2022-25313 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities