CVE-2019-15903
CVSS v3.1
7.5 (High)
CVSS v2.0
5 (Medium)
EPSS
0.46 % (76th)
Affected Products
2
Advisories
59
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
Weaknesses
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2019-09-04 06:15:10
(5 years ago) - Updated Date
-
2023-11-07 03:05:35
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...