CVE-2021-45960 vulnerability in Libexpatproject and Other Products
Published on January 1, 2022
Vulnerability Analysis
CVE-2021-45960 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. Public availability of a proof of concept (POC) exploit exists for CVE-2021-45960. The potential impact of an exploit of this vulnerability is considered to be very high.
Weakness Type
Incorrect Calculation
The software performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management. When software performs a security-critical calculation incorrectly, it might lead to incorrect resource allocations, incorrect privilege assignments, or failed comparisons among other things. Many of the direct results of an incorrect calculation can lead to even larger problems such as failed protection mechanisms or even arbitrary code execution.
Products Associated with CVE-2021-45960
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-45960 are published in these products:
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.