Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-43680

Опубликовано: 24 окт. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.5

Описание

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
esm-infra-legacy/trusty

not-affected

uses system expat
esm-infra/bionic

not-affected

uses system expat
esm-infra/focal

not-affected

uses system expat
esm-infra/xenial

not-affected

uses system expat
focal

not-affected

uses system expat
jammy

not-affected

uses system expat
kinetic

not-affected

uses system expat
lunar

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
esm-infra-legacy/trusty

not-affected

uses system expat
esm-infra/bionic

not-affected

uses system expat
esm-infra/focal

not-affected

uses system expat
esm-infra/xenial

not-affected

uses system expat
focal

not-affected

uses system expat
jammy

not-affected

uses system expat
kinetic

not-affected

uses system expat
lunar

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
esm-infra/bionic

not-affected

uses system expat
esm-infra/focal

not-affected

uses system expat
esm-infra/xenial

not-affected

uses system expat
focal

not-affected

uses system expat
jammy

not-affected

uses system expat
kinetic

not-affected

uses system expat
lunar

not-affected

uses system expat
mantic

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

uses system expat
esm-apps/bionic

needs-triage

esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

focal

not-affected

uses system expat
jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

released

2.2.5-3ubuntu0.8
devel

released

2.5.0-1
esm-infra-legacy/trusty

released

2.1.0-4ubuntu1.4+esm7
esm-infra/bionic

released

2.2.5-3ubuntu0.8
esm-infra/focal

released

2.2.9-1ubuntu0.6
esm-infra/xenial

released

2.1.0-7ubuntu0.16.04.5+esm7
focal

released

2.2.9-1ubuntu0.6
jammy

released

2.4.7-1ubuntu0.2
kinetic

released

2.4.8-2ubuntu0.22.10.1
lunar

released

2.5.0-1

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

not-affected

code not present
esm-infra/focal

DNE

focal

ignored

end of standard support, was ignored [bundled deps handled by upstream in new versions]
jammy

not-affected

code not present
kinetic

not-affected

code not present
lunar

not-affected

code not present
mantic

not-affected

code not present
noble

not-affected

code not present
oracular

not-affected

code not present

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/noble

not-affected

uses system expat
esm-apps/xenial

not-affected

uses system expat
esm-infra-legacy/trusty

not-affected

uses system expat
focal

not-affected

uses system expat
jammy

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

not-affected

uses system expat
esm-infra/bionic

not-affected

uses system expat
esm-infra/focal

not-affected

uses system expat
esm-infra/xenial

not-affected

uses system expat
focal

not-affected

uses system expat
jammy

not-affected

uses system expat
kinetic

not-affected

uses system expat
lunar

not-affected

uses system expat
mantic

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-apps/xenial

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

not-affected

uses system expat
devel

DNE

esm-apps/bionic

not-affected

uses system expat
esm-apps/focal

not-affected

uses system expat
esm-apps/jammy

not-affected

uses system expat
esm-apps/xenial

needs-triage

focal

not-affected

uses system expat
jammy

not-affected

uses system expat
kinetic

not-affected

uses system expat
lunar

not-affected

uses system expat

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

esm-apps/bionic

not-affected

code not present
esm-apps/focal

not-affected

code not present
esm-apps/jammy

not-affected

code not present
esm-apps/noble

not-affected

code not present
esm-apps/xenial

not-affected

code not present
focal

not-affected

code not present
jammy

not-affected

code not present
kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

ignored

esm-apps/bionic

ignored

esm-apps/focal

ignored

esm-apps/jammy

ignored

esm-apps/noble

ignored

esm-apps/xenial

ignored

focal

ignored

jammy

ignored

kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
esm-apps/bionic

not-affected

code-not-compiled
esm-apps/xenial

not-affected

code-not-compiled
esm-infra/focal

DNE

focal

DNE

jammy

DNE

trusty

ignored

end of standard support
upstream

needs-triage

xenial

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

not-affected

code-not-compiled
devel

not-affected

code-not-compiled
esm-infra/bionic

not-affected

code-not-compiled
esm-infra/focal

not-affected

code-not-compiled
esm-infra/xenial

not-affected

code-not-compiled
focal

not-affected

code-not-compiled
jammy

not-affected

code-not-compiled
kinetic

not-affected

code-not-compiled
lunar

not-affected

code-not-compiled
mantic

not-affected

code-not-compiled

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

ignored

bundled deps handled by upstream in new versions
esm-infra/focal

DNE

focal

ignored

end of standard support, was ignored [bundled deps handled by upstream in new versions]
jammy

ignored

bundled deps handled by upstream in new versions
kinetic

ignored

end of life, was needs-triage
lunar

ignored

end of life, was ignored [bundled deps handled by upstream in new versions]
mantic

ignored

end of life, was ignored [bundled deps handled by upstream in new versions]
noble

ignored

bundled deps handled by upstream in new versions
oracular

ignored

end of life, was ignored [bundled deps handled by upstream in new versions]

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
esm-apps/bionic

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of ESM support, was needs-triage
upstream

needs-triage

Показывать по

РелизСтатусПримечание
bionic

DNE

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

esm-infra/focal

DNE

focal

DNE

jammy

DNE

trusty

ignored

end of standard support
trusty/esm

ignored

end of ESM support, was needs-triage
upstream

needs-triage

xenial

ignored

end of standard support

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

kinetic

ignored

end of life, was needs-triage

Показывать по

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

esm-infra-legacy/trusty

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 57%
0.00359
Низкий

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2022-43680

CVSS3: 7.5
redhat
около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

nvd логотип

CVE-2022-43680

CVSS3: 7.5
nvd
около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

msrc логотип

CVE-2022-43680

CVSS3: 7.5
msrc
около 3 лет назад

In libexpat through 2.4.9 there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

debian логотип

CVE-2022-43680

CVSS3: 7.5
debian
около 3 лет назад

In libexpat through 2.4.9, there is a use-after free caused by overeag ...

suse-cvrf логотип

SUSE-SU-2022:3912-1

suse-cvrf
около 3 лет назад

Security update for expat

EPSS

Процентиль: 57%
0.00359
Низкий

7.5 High

CVSS3

Уязвимость CVE-2022-43680