Description

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

Remediation

References

CVE-2022-25313

Related Vulnerabilities

WordPress Plugin Falang multilanguage for WordPress Cross-Site Scripting (1.3.17)

PHP Resource Management Errors Vulnerability (CVE-2011-3267)

WordPress Plugin Japanized For WooCommerce Cross-Site Scripting (2.5.6)

WordPress Plugin Integration for Contact Form 7 and ActiveCampaign Cross-Site Scripting (1.0.3)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-4304)

Severity

Medium

Classification

CVE-2022-25313 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities