CVE-2022-23990

Updated: 2023-11-07 19:56:43.017595

Description:

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 5
CVSS Version 3.x HIGH 7.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS expat 2.0.1 7.5 HIGH Released CLSA-2022:1660762248 2022-08-29 14:02:33
CentOS 7 ELS expat 2.1.0 7.5 HIGH Released CLSA-2023:1696877712 2023-10-09 17:08:44
CentOS 8.4 ELS expat 2.2.5 7.5 HIGH Released CLSA-2022:1660757175 2022-08-17 14:02:28
CentOS 8.5 ELS expat 2.2.5 7.5 HIGH Released CLSA-2022:1660758476 2022-08-17 14:02:28
CloudLinux 6 ELS expat 2.0.1 7.5 HIGH Released CLSA-2022:1660820620 2022-08-29 11:02:34
Oracle Linux 6 ELS expat 2.0.1 7.5 HIGH Released CLSA-2022:1660759632 2022-08-17 17:02:21
Ubuntu 16.04 ELS expat 2.1.0 7.5 HIGH Released CLSA-2022:1660760528 2022-08-17 17:02:22
Ubuntu 18.04 ELS expat 2.2.5-3 7.5 HIGH Already Fixed 2023-06-02 09:09:54