CVE-2022-22827

Опубликовано: 10 янв. 2022

Источник: debian

EPSS Низкий

Описание

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.4.3-1		package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

https://github.com/libexpat/libexpat/pull/539
https://github.com/libexpat/libexpat/commit/9f93e8036e842329863bf20395b8fb8f73834d9e (R_2_4_3)

EPSS

Процентиль: 50%

0.00265

Низкий

CVE-2022-22827

CVSS3: 8.8

ubuntu

больше 3 лет назад

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22827

CVSS3: 8.8

redhat

больше 3 лет назад

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22827

CVSS3: 8.8

nvd

больше 3 лет назад

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

CVE-2022-22827

CVSS3: 8.8

msrc

больше 3 лет назад

Описание отсутствует

GHSA-97f8-83vc-c97q

CVSS3: 8.8

github

больше 3 лет назад

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

EPSS

Процентиль: 50%

0.00265

Низкий