Lucene search
AlmaLinuxALSA-2022:6878HistoryOct 11, 2022 - 12:00 a.m.
Important: expat security update
2022-10-1100:00:00
errata.almalinux.org
16
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
77.8%
Expat is a C library for parsing XML documents.
Security Fix(es):
- expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 8 | x86_64 | expat | < 2.2.5-8.el8_6.3 | expat-2.2.5-8.el8_6.3.x86_64.rpm |
| almalinux | 8 | x86_64 | expat-devel | < 2.2.5-8.el8_6.3 | expat-devel-2.2.5-8.el8_6.3.x86_64.rpm |
| almalinux | 8 | aarch64 | expat-devel | < 2.2.5-8.el8_6.3 | expat-devel-2.2.5-8.el8_6.3.aarch64.rpm |
| almalinux | 8 | aarch64 | expat | < 2.2.5-8.el8_6.3 | expat-2.2.5-8.el8_6.3.aarch64.rpm |
| almalinux | 8 | ppc64le | expat-devel | < 2.2.5-8.el8_6.3 | expat-devel-2.2.5-8.el8_6.3.ppc64le.rpm |
| almalinux | 8 | ppc64le | expat | < 2.2.5-8.el8_6.3 | expat-2.2.5-8.el8_6.3.ppc64le.rpm |
| almalinux | 8 | s390x | expat-devel | < 2.2.5-8.el8_6.3 | expat-devel-2.2.5-8.el8_6.3.s390x.rpm |
| almalinux | 8 | s390x | expat | < 2.2.5-8.el8_6.3 | expat-2.2.5-8.el8_6.3.s390x.rpm |
Related
cve
cve
CVE-2022-40674
2022-09-14 11:15:54
nessus
nessus
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current expat Vulnerability (SSA:2022-263-01)
2022-09-20 00:00:00
RHEL 9 : expat (RHSA-2022:6838)
2022-10-06 00:00:00
Oracle Linux 8 : expat (ELSA-2022-6878)
2022-10-12 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0249
2022-09-21 00:00:00
redhatcve
redhatcve
CVE-2022-40674
2022-09-29 05:18:54
mageia
mageia
Updated expat packages fix security vulnerability
2022-10-01 20:48:24
Updated thunderbird packages fix security vulnerability
2022-10-28 09:54:08
Updated firefox packages fix security vulnerability
2022-10-28 09:54:08
ibm
ibm
redhat
redhat
(RHSA-2022:6834) Important: expat security update
2022-10-06 12:04:09
(RHSA-2022:6831) Important: expat security update
2022-10-06 12:03:25
(RHSA-2022:6967) Important: compat-expat1 security update
2022-10-17 08:01:11
osv
osv
expat - security update
2022-09-22 00:00:00
Important: thunderbird security update
2022-10-18 17:40:48
Important: expat security update
2022-10-06 00:00:00
oraclelinux
oraclelinux
expat security update
2022-10-29 00:00:00
firefox security update
2022-10-27 00:00:00
firefox security update
2022-10-20 00:00:00
f5
f5
K44454157 : Expat vulnerability CVE-2022-40674
2022-10-31 00:00:00
amazon
amazon
Important: expat
2022-10-31 19:40:00
Important: expat
2022-12-01 17:34:00
almalinux
almalinux
Important: expat security update
2022-10-06 00:00:00
Important: mingw-expat security update
2023-05-16 00:00:00
Important: firefox security update
2022-10-18 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-40674 affecting package expat for versions less than 2.4.8-2
2022-09-23 18:23:13
CVE-2022-40674 affecting package expat 2.4.6-1
2022-10-04 07:51:28
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0399)
2022-10-28 00:00:00
Fedora: Security Advisory for expat (FEDORA-2022-15ec504440)
2022-10-08 00:00:00
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-2762)
2022-11-14 00:00:00
nvd
nvd
CVE-2022-40674
2022-09-14 11:15:54
githubexploit
githubexploit
Exploit for Use After Free in Libexpat Project Libexpat
2022-10-19 11:15:29
Exploit for Use After Free in Libexpat Project Libexpat
2022-10-19 11:15:29
centos
centos
expat security update
2022-10-26 14:19:51
rocky
rocky
thunderbird security update
2022-10-18 17:40:48
firefox security update
2022-10-18 17:41:04
expat security update
2022-10-11 12:38:26
ubuntucve
ubuntucve
CVE-2022-40674
2022-09-14 00:00:00
wolfi
wolfi
CVE-2022-40674 vulnerabilities
2024-02-07 01:47:52
cgr
cgr
CVE-2022-40674 vulnerabilities
2024-02-06 23:19:33
slackware
slackware
[slackware-security] python3
2022-10-14 01:46:13
[slackware-security] expat
2022-09-20 22:58:31
veracode
veracode
Use-After-Free
2022-09-15 08:37:15
freebsd
freebsd
expat -- Heap use-after-free vulnerability
2022-09-14 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: expat-2.4.9-1.fc36
2022-10-07 15:56:55
[SECURITY] Fedora 35 Update: expat-2.4.9-1.fc35
2022-10-14 12:58:55
prion
prion
Design/Logic Flaw
2022-09-14 11:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2168
2023-06-20 09:22:31
Advisory ROSA-SA-2023-2166
2023-06-20 09:12:17
cvelist
cvelist
CVE-2022-40674
2022-09-14 00:00:00
debiancve
debiancve
CVE-2022-40674
2022-09-14 11:15:54
cloudlinux
cloudlinux
Fixed CVE-2022-40674 in expat
2022-09-26 11:53:23
suse
suse
Security update for expat (important)
2022-10-17 00:00:00
Security update for expat (important)
2022-10-01 00:00:00
alpinelinux
alpinelinux
CVE-2022-40674
2022-09-14 11:15:54
debian
debian
[SECURITY] [DSA 5236-1] expat security update
2022-09-22 20:17:33
[SECURITY] [DLA 3119-1] expat security update
2022-09-25 07:05:40
ubuntu
ubuntu
Expat vulnerability
2022-09-26 00:00:00
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
77.8%
Related for ALSA-2022:6878