CVE-2022-25236

Updated: 2024-11-30 03:26:34.375687

Description:

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x HIGH 7.5
CVSS Version 3.x CRITICAL 9.8

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS expat 2.0.1 9.8 CRITICAL Released CLSA-2022:1660762248 2022-08-29 14:02:38
CentOS 7 ELS expat 2.1.0 9.8 CRITICAL Already Fixed 2023-09-19 09:30:31
CentOS 8.4 ELS expat 2.2.5 9.8 CRITICAL Released CLSA-2022:1660757175 2022-08-17 14:02:32
CentOS 8.5 ELS expat 2.2.5 9.8 CRITICAL Released CLSA-2022:1660758476 2022-08-17 14:02:32
CloudLinux 6 ELS expat 2.0.1 9.8 CRITICAL Released CLSA-2022:1660820620 2022-08-29 11:02:37
Oracle Linux 6 ELS expat 2.0.1 9.8 CRITICAL Released CLSA-2022:1660759632 2022-08-17 17:02:27
Ubuntu 16.04 ELS expat 2.1.0 9.8 CRITICAL Released CLSA-2022:1660760528 2022-08-17 17:02:27
Ubuntu 18.04 ELS expat 2.2.5-3 9.8 CRITICAL Already Fixed 2023-05-29 08:56:52