Expat XML Parsing Library: Realloc Misbehavior in storeAtts Function
CVE-2021-45960 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
Learn more about our Web Application Penetration Testing UK.