Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-15903

Опубликовано: 04 сент. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

not-affected

code-not-compiled
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled
esm-infra/xenial

not-affected

code-not-compiled
focal

not-affected

code-not-compiled
groovy

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

not-affected

code-not-compiled
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled
esm-infra/xenial

not-affected

code-not-compiled
focal

not-affected

code-not-compiled
groovy

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

not-affected

uses system expat
esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

released

78.0.3904.70-0ubuntu0.18.04.2
devel

released

78.0.3904.70-0ubuntu1
disco

released

78.0.3904.70-0ubuntu0.19.04.4
eoan

released

79.0.3945.79-0ubuntu0.19.10.2
esm-apps/noble

released

78.0.3904.70-0ubuntu1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal was released [78.0.3904.70-0ubuntu1]
focal

released

78.0.3904.70-0ubuntu1
groovy

released

78.0.3904.70-0ubuntu1
hirsute

released

78.0.3904.70-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled
esm-infra/xenial

not-affected

code-not-compiled
focal

not-affected

code-not-compiled
groovy

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

not-affected

uses system expat
disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needed

esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

needed

esm-infra-legacy/trusty

needed

Показывать по

РелизСтатусПримечание
bionic

released

2.2.5-3ubuntu0.2
devel

not-affected

2.2.7-2
disco

released

2.2.6-1ubuntu0.19.5
eoan

not-affected

2.2.7-2
esm-infra-legacy/trusty

not-affected

2.1.0-4ubuntu1.4+esm2
esm-infra/bionic

not-affected

2.2.5-3ubuntu0.2
esm-infra/focal

not-affected

2.2.7-2
esm-infra/xenial

not-affected

2.1.0-7ubuntu0.16.04.5
focal

not-affected

2.2.7-2
groovy

not-affected

2.2.7-2

Показывать по

РелизСтатусПримечание
bionic

released

70.0+build2-0ubuntu0.18.04.1
devel

released

70.0+build2-0ubuntu1
disco

released

70.0+build2-0ubuntu0.19.04.1
eoan

released

70.0+build2-0ubuntu0.19.10.1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

70.0+build2-0ubuntu1
groovy

released

70.0+build2-0ubuntu1
hirsute

released

70.0+build2-0ubuntu1
impish

released

70.0+build2-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

not-affected

uses system expat
esm-infra-legacy/trusty

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled
esm-infra/xenial

not-affected

code-not-compiled
focal

not-affected

code-not-compiled
groovy

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

DNE

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

needed

esm-apps/bionic

released

1.2-4ubuntu0.18.04.1~esm4
esm-apps/focal

released

1.2-4ubuntu0.20.04.1~esm4
esm-apps/jammy

released

1.2-4ubuntu0.22.04.1~esm4
esm-apps/noble

released

1.2-4.1ubuntu2.24.0.4.1+esm2
esm-apps/xenial

released

1.2-3ubuntu0.16.04.1~esm2
focal

ignored

end of standard support, was needed
hirsute

ignored

end of life
impish

ignored

end of life

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

ignored

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

ignored

esm-apps/focal

ignored

esm-apps/jammy

ignored

esm-apps/noble

ignored

esm-apps/xenial

ignored

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

not-affected

uses system expat
esm-infra-legacy/trusty

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
disco

not-affected

uses system expat
eoan

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

not-affected

uses system expat
esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

DNE

disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-apps/bionic

not-affected

code-not-compiled
esm-apps/xenial

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
disco

not-affected

code-not-compiled
eoan

not-affected

code-not-compiled
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled
esm-infra/xenial

not-affected

code-not-compiled
focal

not-affected

code-not-compiled
groovy

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

released

1:68.2.1+build1-0ubuntu0.18.04.1
devel

released

1:68.2.0+build1.1-0ubuntu1
disco

ignored

end of life
eoan

released

1:68.2.1+build1-0ubuntu0.19.10.1
esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

released

1:68.2.0+build1.1-0ubuntu1
groovy

released

1:68.2.0+build1.1-0ubuntu1
hirsute

released

1:68.2.0+build1.1-0ubuntu1
impish

released

1:68.2.0+build1.1-0ubuntu1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

DNE

disco

not-affected

code not present
eoan

not-affected

code not present
esm-apps/bionic

needed

esm-apps/xenial

needed

esm-infra-legacy/trusty

needed

esm-infra/focal

DNE

focal

DNE

groovy

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

released

5.10.1+dfsg-2.1ubuntu0.1~esm1
esm-infra-legacy/trusty

not-affected

5.8.0-14.1ubuntu3+esm1
esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

DNE

Показывать по

РелизСтатусПримечание
bionic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-infra-legacy/trusty

DNE

esm-infra/focal

DNE

focal

DNE

groovy

DNE

hirsute

DNE

impish

DNE

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
devel

needed

disco

ignored

end of life
eoan

ignored

end of life
esm-apps/bionic

needed

esm-apps/focal

needed

esm-apps/jammy

needed

esm-apps/noble

needed

esm-apps/xenial

needed

esm-infra-legacy/trusty

needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 42%
0.00199
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-15903

CVSS3: 7.5
redhat
почти 6 лет назад

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

nvd логотип

CVE-2019-15903

CVSS3: 7.5
nvd
почти 6 лет назад

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

debian логотип

CVE-2019-15903

CVSS3: 7.5
debian
почти 6 лет назад

In libexpat before 2.2.8, crafted XML input could fool the parser into ...

suse-cvrf логотип

openSUSE-SU-2019:2205-1

suse-cvrf
больше 5 лет назад

Security update for expat

suse-cvrf логотип

openSUSE-SU-2019:2204-1

suse-cvrf
больше 5 лет назад

Security update for expat

EPSS

Процентиль: 42%
0.00199
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Уязвимость CVE-2019-15903