[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-25235":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":36,"aliases":37,"duplicate_of":9,"upstream":38,"downstream":39,"duplicates":134,"related":135,"reserved_at":9,"published_at":146,"modified_at":147,"state":148,"summary":149,"references_raw":158,"kevs":210,"epss":211,"epss_history":214,"metrics":470,"affected":481},"CVE-2022-25235","xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-116","Improper Encoding or Escaping of Output","The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.","weakness","Draft","Class","High",[20,24,28,32],{"id":21,"name":22,"techniques":23},"CAPEC-104","Cross Zone Scripting",[],{"id":25,"name":26,"techniques":27},"CAPEC-73","User-Controlled Filename",[],{"id":29,"name":30,"techniques":31},"CAPEC-81","Web Server Logs Tampering",[],{"id":33,"name":34,"techniques":35},"CAPEC-85","AJAX Footprinting",[],[],[],[],[40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126,128,130,132],{"_key":41},"ALPINE-CVE-2022-25235",{"_key":43},"SUSE-SU-2022:2294-1",{"_key":45},"SUSE-SU-2022:0698-1",{"_key":47},"SUSE-SU-2022:0713-1",{"_key":49},"SUSE-SU-2022:14903-1",{"_key":51},"OPENSUSE-SU-2022:0713-1",{"_key":53},"OPENSUSE-SU-2024:11866-1",{"_key":55},"DLA-2935-1",{"_key":57},"DSA-5085-1",{"_key":59},"RHSA-2022:0815",{"_key":61},"RHSA-2022:0816",{"_key":63},"RHSA-2022:0817",{"_key":65},"RHSA-2022:0843",{"_key":67},"RHSA-2022:0847",{"_key":69},"RHSA-2022:0853",{"_key":71},"RHSA-2022:1012",{"_key":73},"RHSA-2022:1053",{"_key":75},"RHSA-2022:1068",{"_key":77},"RHSA-2022:1070",{"_key":79},"RHSA-2022:1309",{"_key":81},"RHSA-2022:1539",{"_key":83},"RHSA-2022:1540",{"_key":85},"RHSA-2022:1643",{"_key":87},"RHSA-2022:1644",{"_key":89},"RHSA-2022:7811",{"_key":91},"MGASA-2022-0081",{"_key":93},"MGASA-2022-0156",{"_key":95},"MGASA-2022-0157",{"_key":97},"MGASA-2022-0183",{"_key":99},"DEBIAN-CVE-2022-25235",{"_key":101},"USN-8235-1",{"_key":103},"USN-8240-1",{"_key":105},"USN-8241-1",{"_key":107},"RHBA-2022:4046",{"_key":109},"RHSA-2022:0818",{"_key":111},"RHSA-2022:0824",{"_key":113},"RHSA-2022:0845",{"_key":115},"RHSA-2022:0850",{"_key":117},"RHSA-2022:0951",{"_key":119},"RHSA-2022:1069",{"_key":121},"USN-5288-1",{"_key":123},"USN-5455-1",{"_key":125},"RHSA-2022:1263",{"_key":127},"USN-8313-1",{"_key":129},"USN-8314-1",{"_key":131},"USN-8316-1",{"_key":133},"UBUNTU-CVE-2022-25235",[],[136,137,138,139,140,141,142,143,144,145],{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":91},{"_key":93},{"_key":95},{"_key":97},"2022-02-16T00:40:20.000Z","2025-05-05T16:23:52.716Z","Modified",{"cisa_kev":150,"cisa_ransomware":150,"cisa_vendor":9,"epss_severity":151,"epss_score":152,"severity":153,"severity_score":154,"severity_version":155,"severity_source":156,"severity_vector":157,"severity_status":148},false,"medium",0.11027,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[159,167,173,179,184,188,192,196,201,205],{"url":160,"sources":161,"tags":163},"https://github.com/libexpat/libexpat/pull/562",[156,162],"nvd",[164,165,166],"X Refsource MISC","Patch","Third Party Advisory",{"url":168,"sources":169,"tags":170},"http://www.openwall.com/lists/oss-security/2022/02/19/1",[156,162],[171,172,166],"Mailing List","X Refsource MLIST",{"url":174,"sources":175,"tags":176},"https://www.debian.org/security/2022/dsa-5085",[156,162],[177,178,166],"Vendor Advisory","X Refsource DEBIAN",{"url":180,"sources":181,"tags":182},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/",[156,162],[177,183],"X Refsource FEDORA",{"url":185,"sources":186,"tags":187},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/",[156,162],[177,183],{"url":189,"sources":190,"tags":191},"https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html",[156,162],[171,172,166],{"url":193,"sources":194,"tags":195},"https://www.oracle.com/security-alerts/cpuapr2022.html",[156,162],[164,165,166],{"url":197,"sources":198,"tags":199},"https://security.netapp.com/advisory/ntap-20220303-0008/",[156,162],[200,166],"X Refsource CONFIRM",{"url":202,"sources":203,"tags":204},"https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf",[156,162],[200,166],{"url":206,"sources":207,"tags":208},"https://security.gentoo.org/glsa/202209-24",[156,162],[177,209,166],"X Refsource GENTOO",[],{"date":212,"score":152,"percentile":213},"2026-06-04",0.93575,[215,219,222,224,228,231,234,236,239,242,245,248,250,253,255,259,262,265,269,272,275,278,281,283,286,289,291,294,297,300,303,306,309,312,314,317,319,322,325,328,331,334,337,340,342,345,348,351,354,357,359,362,365,368,372,375,378,380,383,386,389,392,395,398,401,403,405,408,411,413,416,419,422,425,428,431,434,436,438,441,444,447,450,453,456,458,461,463,465,467],{"date":216,"score":217,"percentile":218},"2025-11-04",0.12196,0.93529,{"date":220,"score":217,"percentile":221},"2025-11-05",0.93528,{"date":223,"score":217,"percentile":218},"2025-11-06",{"date":225,"score":226,"percentile":227},"2025-11-07",0.11914,0.93448,{"date":229,"score":226,"percentile":230},"2025-11-08",0.93447,{"date":232,"score":226,"percentile":233},"2025-11-09",0.93445,{"date":235,"score":226,"percentile":233},"2025-11-10",{"date":237,"score":226,"percentile":238},"2025-11-11",0.93449,{"date":240,"score":226,"percentile":241},"2025-11-12",0.93454,{"date":243,"score":226,"percentile":244},"2025-11-13",0.93456,{"date":246,"score":226,"percentile":247},"2025-11-14",0.93459,{"date":249,"score":226,"percentile":241},"2025-11-15",{"date":251,"score":226,"percentile":252},"2025-11-16",0.93457,{"date":254,"score":226,"percentile":244},"2025-11-17",{"date":256,"score":257,"percentile":258},"2025-11-18",0.11274,0.92808,{"date":260,"score":257,"percentile":261},"2025-11-19",0.92812,{"date":263,"score":257,"percentile":264},"2025-11-20",0.92817,{"date":266,"score":267,"percentile":268},"2025-11-21",0.09231,0.92386,{"date":270,"score":217,"percentile":271},"2025-11-22",0.93551,{"date":273,"score":217,"percentile":274},"2025-11-23",0.93556,{"date":276,"score":217,"percentile":277},"2025-11-24",0.93558,{"date":279,"score":217,"percentile":280},"2025-11-25",0.9356,{"date":282,"score":217,"percentile":277},"2025-11-26",{"date":284,"score":217,"percentile":285},"2025-11-27",0.93561,{"date":287,"score":217,"percentile":288},"2025-11-28",0.93554,{"date":290,"score":217,"percentile":280},"2025-11-29",{"date":292,"score":217,"percentile":293},"2025-11-30",0.93559,{"date":295,"score":217,"percentile":296},"2025-12-01",0.93603,{"date":298,"score":217,"percentile":299},"2025-12-02",0.93607,{"date":301,"score":217,"percentile":302},"2025-12-03",0.9361,{"date":304,"score":217,"percentile":305},"2025-12-04",0.93564,{"date":307,"score":226,"percentile":308},"2025-12-05",0.93477,{"date":310,"score":226,"percentile":311},"2025-12-06",0.93476,{"date":313,"score":226,"percentile":311},"2025-12-07",{"date":315,"score":226,"percentile":316},"2025-12-08",0.93479,{"date":318,"score":226,"percentile":316},"2025-12-09",{"date":320,"score":226,"percentile":321},"2025-12-10",0.93484,{"date":323,"score":226,"percentile":324},"2025-12-11",0.93487,{"date":326,"score":226,"percentile":327},"2025-12-12",0.93491,{"date":329,"score":226,"percentile":330},"2025-12-13",0.93495,{"date":332,"score":226,"percentile":333},"2025-12-14",0.93493,{"date":335,"score":226,"percentile":336},"2025-12-15",0.93496,{"date":338,"score":226,"percentile":339},"2025-12-16",0.93492,{"date":341,"score":226,"percentile":336},"2025-12-17",{"date":343,"score":226,"percentile":344},"2025-12-18",0.93499,{"date":346,"score":226,"percentile":347},"2025-12-19",0.935,{"date":349,"score":226,"percentile":350},"2025-12-20",0.93497,{"date":352,"score":226,"percentile":353},"2025-12-21",0.93501,{"date":355,"score":226,"percentile":356},"2025-12-22",0.93508,{"date":358,"score":226,"percentile":347},"2025-12-23",{"date":360,"score":226,"percentile":361},"2025-12-24",0.93505,{"date":363,"score":226,"percentile":364},"2025-12-25",0.93518,{"date":366,"score":226,"percentile":367},"2025-12-26",0.93516,{"date":369,"score":370,"percentile":371},"2025-12-27",0.13322,0.93975,{"date":373,"score":226,"percentile":374},"2025-12-28",0.93513,{"date":376,"score":226,"percentile":377},"2025-12-29",0.93512,{"date":379,"score":226,"percentile":374},"2025-12-30",{"date":381,"score":370,"percentile":382},"2025-12-31",0.93936,{"date":384,"score":370,"percentile":385},"2026-01-01",0.9398,{"date":387,"score":370,"percentile":388},"2026-01-02",0.93976,{"date":390,"score":370,"percentile":391},"2026-01-03",0.93973,{"date":393,"score":370,"percentile":394},"2026-01-04",0.93932,{"date":396,"score":370,"percentile":397},"2026-01-05",0.93928,{"date":399,"score":370,"percentile":400},"2026-01-06",0.93929,{"date":402,"score":370,"percentile":400},"2026-01-07",{"date":404,"score":370,"percentile":394},"2026-01-08",{"date":406,"score":370,"percentile":407},"2026-01-09",0.93935,{"date":409,"score":370,"percentile":410},"2026-01-10",0.93937,{"date":412,"score":370,"percentile":407},"2026-01-11",{"date":414,"score":370,"percentile":415},"2026-01-12",0.93933,{"date":417,"score":370,"percentile":418},"2026-01-13",0.93934,{"date":420,"score":370,"percentile":421},"2026-01-14",0.93942,{"date":423,"score":370,"percentile":424},"2026-01-15",0.93944,{"date":426,"score":370,"percentile":427},"2026-01-16",0.93948,{"date":429,"score":370,"percentile":430},"2026-01-17",0.93953,{"date":432,"score":370,"percentile":433},"2026-01-18",0.93949,{"date":435,"score":370,"percentile":427},"2026-01-19",{"date":437,"score":370,"percentile":433},"2026-01-20",{"date":439,"score":370,"percentile":440},"2026-01-21",0.93952,{"date":442,"score":370,"percentile":443},"2026-01-22",0.93955,{"date":445,"score":370,"percentile":446},"2026-01-23",0.93962,{"date":448,"score":370,"percentile":449},"2026-01-24",0.93966,{"date":451,"score":370,"percentile":452},"2026-01-25",0.93968,{"date":454,"score":370,"percentile":455},"2026-01-26",0.9397,{"date":457,"score":370,"percentile":455},"2026-01-27",{"date":459,"score":370,"percentile":460},"2026-01-28",0.93974,{"date":462,"score":370,"percentile":371},"2026-01-29",{"date":464,"score":370,"percentile":460},"2026-01-30",{"date":466,"score":370,"percentile":388},"2026-01-31",{"date":468,"score":370,"percentile":469},"2026-02-01",0.94014,[471,475],{"source":156,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":472,"cvss_v4_0":9},{"baseScore":154,"baseSeverity":473,"vectorString":157,"impactScore":154,"exploitabilityScore":474},"CRITICAL",10,{"source":162,"cvss_v2_0":476,"cvss_v3_0":9,"cvss_v3_1":480,"cvss_v4_0":9},{"baseScore":477,"baseSeverity":9,"vectorString":478,"impactScore":479,"exploitabilityScore":474},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,{"baseScore":154,"baseSeverity":473,"vectorString":157,"impactScore":154,"exploitabilityScore":474},[482,493,501,511,520,526],{"ecosystem":9,"name":483,"vendor":484,"product":485,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},"debian linux","debian","debian_linux","o",[488,491],{"version":489,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"version":492,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"11.0",{"ecosystem":9,"name":494,"vendor":495,"product":494,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":496},"fedora","fedoraproject",[497,499],{"version":498,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34",{"version":500,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"ecosystem":9,"name":502,"vendor":503,"product":502,"cpe_part":504,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":505},"libexpat","libexpat_project","a",[506],{"version":507,"is_range":508,"range_type":490,"version_start":9,"version_start_type":9,"version_end":509,"version_end_type":510,"fixed_in":9},"lt2.4.5",true,"2.4.5","excluding",{"ecosystem":9,"name":512,"vendor":513,"product":514,"cpe_part":504,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":515},"http server","oracle","http_server",[516,518],{"version":517,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.2.1.3.0",{"version":519,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.2.1.4.0",{"ecosystem":9,"name":521,"vendor":513,"product":522,"cpe_part":504,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":523},"zfs storage appliance kit","zfs_storage_appliance_kit",[524],{"version":525,"is_range":150,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.8",{"ecosystem":9,"name":527,"vendor":528,"product":529,"cpe_part":504,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"sinema remote connect server","siemens","sinema_remote_connect_server",[531],{"version":532,"is_range":508,"range_type":490,"version_start":9,"version_start_type":9,"version_end":533,"version_end_type":510,"fixed_in":9},"lt3.1","3.1"]