CVE-2022-22823

Опубликовано: 10 янв. 2022

Источник: debian

EPSS Низкий

Описание

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.4.3-1		package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

https://github.com/libexpat/libexpat/pull/539
https://github.com/libexpat/libexpat/commit/9f93e8036e842329863bf20395b8fb8f73834d9e (R_2_4_3)

EPSS

Процентиль: 60%

0.00409

Низкий

CVE-2022-22823

CVSS3: 9.8

ubuntu

больше 3 лет назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22823

CVSS3: 9.8

redhat

больше 3 лет назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22823

CVSS3: 9.8

nvd

больше 3 лет назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22823

CVSS3: 9.8

msrc

больше 3 лет назад

Описание отсутствует

GHSA-g654-6pp3-8m8w

CVSS3: 9.8

github

больше 3 лет назад

build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

EPSS

Процентиль: 60%

0.00409

Низкий