CVE-2022-23990

HIGH7.5EPSS 3.7%

Published: 1/26/2022Modified: 4/28/2026

Description

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H