ALT-PU-2022-6295-1
Package expat updated to version 2.4.9-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
Published: 2022-09-14
BDU:2023-02596
Уязвимость функции doContent файла xmlparse.c библиотеки синтаксического анализатора XML libexpat, позволяющая нарушителю выполнить произвольный код
Severity: HIGH (8.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2022-09-14
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Severity: HIGH (8.1)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- https://github.com/libexpat/libexpat/pull/629
- https://github.com/libexpat/libexpat/pull/629
- https://github.com/libexpat/libexpat/pull/640
- https://github.com/libexpat/libexpat/pull/640
- [debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update
- [debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update
- FEDORA-2022-d93b3bd8b9
- FEDORA-2022-d93b3bd8b9
- FEDORA-2022-c68d90efc3
- FEDORA-2022-c68d90efc3
- FEDORA-2022-dcb1d7bcb1
- FEDORA-2022-dcb1d7bcb1
- FEDORA-2022-15ec504440
- FEDORA-2022-15ec504440
- FEDORA-2022-c22feb71ba
- FEDORA-2022-c22feb71ba
- GLSA-202209-24
- GLSA-202209-24
- GLSA-202211-06
- GLSA-202211-06
- https://security.netapp.com/advisory/ntap-20221028-0008/
- https://security.netapp.com/advisory/ntap-20221028-0008/
- DSA-5236
- DSA-5236