4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
56.6%
readfilemap.c in expat before 2.1.0 allows context-dependent attackers to
cause a denial of service (file descriptor consumption) via a large number
of crafted XML files.
Author | Note |
---|---|
mdeslaur | readfilemap.c isn’t used on linux, only unixfilemap.c |
ebarretto | tla uses system expat as of 1.3.5+dfsg-15 |
ccdm94 | cmake 3.20.5 and forward uses expat 2.2.10+. |