CVE-2022-22825

Опубликовано: 10 янв. 2022

Источник: debian

EPSS Низкий

Описание

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.4.3-1		package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

https://github.com/libexpat/libexpat/pull/539
https://github.com/libexpat/libexpat/commit/9f93e8036e842329863bf20395b8fb8f73834d9e (R_2_4_3)

EPSS

Процентиль: 40%

0.0018

Низкий

CVE-2022-22825

CVSS3: 8.8

ubuntu

почти 4 года назад

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22825

CVSS3: 8.8

redhat

почти 4 года назад

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22825

CVSS3: 8.8

nvd

почти 4 года назад

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22825

CVSS3: 8.8

msrc

почти 4 года назад

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

GHSA-2h26-9fpg-gcx8

CVSS3: 8.8

github

почти 4 года назад

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

EPSS

Процентиль: 40%

0.0018

Низкий