CVE-2022-22823

Опубликовано: 10 янв. 2022

Источник: debian

EPSS Низкий

Описание

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.4.3-1		package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

https://github.com/libexpat/libexpat/pull/539
https://github.com/libexpat/libexpat/commit/9f93e8036e842329863bf20395b8fb8f73834d9e (R_2_4_3)

EPSS

Процентиль: 59%

0.00377

Низкий

CVE-2022-22823

CVSS3: 9.8

ubuntu

почти 4 года назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22823

CVSS3: 9.8

redhat

почти 4 года назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22823

CVSS3: 9.8

nvd

почти 4 года назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22823

CVSS3: 9.8

msrc

почти 4 года назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

GHSA-g654-6pp3-8m8w

CVSS3: 9.8

github

почти 4 года назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

EPSS

Процентиль: 59%

0.00377

Низкий