Описание
ELSA-2022-6838: expat security update (IMPORTANT)
[ 2.2.10-12.3]
- Ensure raw tagnames are safe exiting internalEntityParser
- Resolves: CVE-2022-40674
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
expat
2.2.10-12.el9_0.3
expat-devel
2.2.10-12.el9_0.3
Oracle Linux x86_64
expat
2.2.10-12.el9_0.3
expat-devel
2.2.10-12.el9_0.3
Связанные CVE
Связанные уязвимости
CVSS3: 8.1
ubuntu
почти 3 года назад
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
CVSS3: 8.1
redhat
почти 3 года назад
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
CVSS3: 8.1
nvd
почти 3 года назад
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
CVSS3: 8.1
debian
почти 3 года назад
libexpat before 2.4.9 has a use-after-free in the doContent function i ...