CVE-2022-25313

MEDIUM

libexpat < 2.4.5 - Denial of Service via DTD Element Nesting

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2022-25313. PoCs published by Trinadh465, ShaikUsaf.

AI-analyzed exploit summary This repository contains the source code and documentation for Expat 2.1.0, a C library for parsing XML. It includes build instructions, configuration options, and platform-specific notes, but no exploit code or proof-of-concept for CVE-2022-25313.

Description

In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

Exploits (2)

nomisec WRITEUP
by Trinadh465 · poc
https://github.com/Trinadh465/external_expat-2.1.0_CVE-2022-25313

This repository contains the source code and documentation for Expat 2.1.0, a C library for parsing XML. It includes build instructions, configuration options, and platform-specific notes, but no exploit code or proof-of-concept for CVE-2022-25313.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Expat 2.1.0
No auth needed
Prerequisites: None
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WRITEUP
by ShaikUsaf · poc
https://github.com/ShaikUsaf/external_expact_AOSP10_r33_CVE-2022-25313

This repository appears to be a fork or snapshot of the Expat library (version 2.2.6) with no explicit exploit code. It includes standard library files, build scripts, and documentation, but lacks a PoC or exploit implementation for CVE-2022-25313.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Expat (libexpat) 2.2.6
No auth needed
Prerequisites: None
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Third Party Advisory x_refsource_misc
https://github.com/libexpat/libexpat/pull/558
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2022/02/19/1
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2022/dsa-5085
Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
Patch, Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpuapr2022.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20220303-0008/
Third Party Advisory x_refsource_confirm
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202209-24

Scores

CVSS v3 6.5
EPSS 0.0327
EPSS Percentile 86.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-674
Status published
Products (9)
debian/debian_linux 10.0
debian/debian_linux 11.0
fedoraproject/fedora 34
fedoraproject/fedora 35
libexpat_project/libexpat < 2.4.5
oracle/http_server 12.2.1.3.0
oracle/http_server 12.2.1.4.0
oracle/zfs_storage_appliance_kit 8.8
siemens/sinema_remote_connect_server < 3.1
Published Feb 18, 2022
Tracked Since Feb 18, 2026