Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:0103

Опубликовано: 12 янв. 2023
Источник: rocky
Оценка: Moderate

Описание

Moderate: expat security update

Expat is a C library for parsing XML documents.

Security Fix(es):

  • expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
expatx86_6410.el8_7.1expat-2.2.5-10.el8_7.1.x86_64.rpm
expat-develx86_6410.el8_7.1expat-devel-2.2.5-10.el8_7.1.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-43680

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2022-43680

CVSS3: 7.5
ubuntu
больше 2 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

redhat логотип

CVE-2022-43680

CVSS3: 7.5
redhat
больше 2 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

nvd логотип

CVE-2022-43680

CVSS3: 7.5
nvd
больше 2 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

msrc логотип

CVE-2022-43680

CVSS3: 7.5
msrc
больше 2 лет назад

Описание отсутствует

debian логотип

CVE-2022-43680

CVSS3: 7.5
debian
больше 2 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeag ...