CVE-2023-52425

Updated: 2024-02-26 20:16:48.533774

Description:

libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.


Links: NIST, CIRCL, RHEL, Ubuntu

Severity

| CVSS version | Severity | Score |
|---|---|---|
| CVSS Version 2.x | | 0 |
| CVSS Version 3.x | HIGH | 7.5 |

Status

| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated |
|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | expat | 2.5.0 | 7.5 | HIGH | In Progress | | 2024-02-14 08:26:44 |
| CentOS 6 ELS | expat | 2.0.1 | 7.5 | HIGH | In Testing | | 2024-02-15 13:08:22 |
| CentOS 7 ELS | expat | 2.1.0 | 7.5 | HIGH | Needs Triage | | 2024-02-09 02:53:28 |
| CentOS 8.4 ELS | expat | 2.2.5 | 7.5 | HIGH | Needs Triage | | 2024-02-09 02:53:20 |
| CentOS 8.5 ELS | expat | 2.2.5 | 7.5 | HIGH | Needs Triage | | 2024-02-09 02:53:22 |
| CloudLinux 6 ELS | expat | 2.0.1 | 7.5 | HIGH | In Testing | | 2024-02-15 13:08:21 |
| Oracle Linux 6 ELS | expat | 2.0.1 | 7.5 | HIGH | In Testing | | 2024-02-15 13:08:21 |
| Ubuntu 16.04 ELS | expat | 2.1.0 | 7.5 | HIGH | Needs Triage | | 2024-02-19 16:08:56 |
| Ubuntu 18.04 ELS | expat | 2.2.5-3 | 7.5 | HIGH | In Progress | | 2024-02-12 13:08:19 |