CVE-2022-43680

Опубликовано: 25 окт. 2022

Источник: msrc

CVSS3: 7.5

EPSS Низкий

Описание

In libexpat through 2.4.9 there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

EPSS

Процентиль: 57%

0.00359

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2022-43680

CVSS3: 7.5

ubuntu

около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

CVE-2022-43680

CVSS3: 7.5

redhat

около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

CVE-2022-43680

CVSS3: 7.5

nvd

около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

CVE-2022-43680

CVSS3: 7.5

debian

около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeag ...

SUSE-SU-2022:3912-1

suse-cvrf

около 3 лет назад

Security update for expat

EPSS

Процентиль: 57%

0.00359

Низкий

7.5 High

CVSS3