CVE-2021-46143

Updated: 2024-11-24 04:12:50.455079

Description:

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6.8
CVSS Version 3.x HIGH 7.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS expat 2.0.1 7.8 HIGH Released CLSA-2022:1660762248 2022-08-29 14:02:34
CentOS 7 ELS expat 2.1.0 7.8 HIGH Already Fixed 2023-09-19 09:30:31
CentOS 8.4 ELS expat 2.2.5 7.8 HIGH Released CLSA-2022:1660757175 2022-08-17 14:02:29
CentOS 8.5 ELS expat 2.2.5 7.8 HIGH Released CLSA-2022:1660758476 2022-08-17 14:02:29
CloudLinux 6 ELS expat 2.0.1 7.8 HIGH Released CLSA-2022:1660820620 2022-08-29 11:02:35
Oracle Linux 6 ELS expat 2.0.1 7.8 HIGH Released CLSA-2022:1660759632 2022-08-17 17:02:23
Ubuntu 16.04 ELS expat 2.1.0 7.8 HIGH Released CLSA-2022:1660760528 2022-08-17 17:02:23
Ubuntu 18.04 ELS expat 2.2.5-3 7.8 HIGH Already Fixed 2023-06-02 09:09:55