CVE-2022-40674

Опубликовано: 14 сент. 2022

Источник: debian

EPSS Низкий

Описание

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.4.8-2		package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

https://github.com/libexpat/libexpat/pull/629
https://github.com/libexpat/libexpat/pull/640
https://github.com/libexpat/libexpat/commit/4a32da87e931ba54393d465bb77c40b5c33d343b

EPSS

Процентиль: 76%

0.00995

Низкий

CVE-2022-40674

CVSS3: 8.1

ubuntu

больше 3 лет назад

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

CVE-2022-40674

CVSS3: 8.1

redhat

больше 3 лет назад

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

CVE-2022-40674

CVSS3: 8.1

nvd

больше 3 лет назад

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

CVE-2022-40674

CVSS3: 8.1

msrc

больше 3 лет назад

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

SUSE-SU-2022:3597-1

suse-cvrf

больше 3 лет назад

Security update for expat

EPSS

Процентиль: 76%

0.00995

Низкий