CVE-2022-22827

Updated: 2023-11-04 21:04:12.020146

Description:

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 6.8
CVSS Version 3.x HIGH 8.8

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS expat 2.0.1 8.8 HIGH Released CLSA-2022:1660762248 2022-08-29 14:02:28
CentOS 7 ELS expat 2.1.0 8.8 HIGH Already Fixed 2023-09-19 09:30:31
CentOS 8.4 ELS expat 2.2.5 8.8 HIGH Released CLSA-2022:1660757175 2022-08-17 14:02:24
CentOS 8.5 ELS expat 2.2.5 8.8 HIGH Released CLSA-2022:1660758476 2022-08-17 14:02:24
CloudLinux 6 ELS expat 2.0.1 8.8 HIGH Released CLSA-2022:1660820620 2022-08-29 11:02:30
Oracle Linux 6 ELS expat 2.0.1 8.8 HIGH Released CLSA-2022:1660759632 2022-08-17 17:02:15
Ubuntu 16.04 ELS expat 2.1.0 8.8 HIGH Released CLSA-2022:1660760528 2022-08-17 17:02:16
Ubuntu 18.04 ELS expat 2.2.5-3 8.8 HIGH Already Fixed 2023-06-02 09:09:55