Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-22824HistoryJan 10, 2022 - 2:12 p.m.
CVE-2022-22824
2022-01-1014:12:56
Alpine Linux Development Team
security.alpinelinux.org
18
expat
defineattribute
integer overflow
cve-2022-22824
xmlparse.c
libexpat
unix
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.015
Percentile
87.1%
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | expat | < 2.2.10-r0 | UNKNOWN |
| Alpine | 3.13-main | noarch | expat | < 2.2.10-r2 | UNKNOWN |
| Alpine | 3.14-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.19-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
| Alpine | 3.20-main | noarch | expat | < 2.4.3-r0 | UNKNOWN |
Related
debiancve
debiancve
CVE-2022-22824
2022-01-10 14:12:56
cnvd
cnvd
Expat defineAttribute function buffer overflow vulnerability
2022-01-14 00:00:00
cvelist
cvelist
CVE-2022-22824
2022-01-08 02:56:58
nvd
nvd
CVE-2022-22824
2022-01-10 14:12:56
redhatcve
redhatcve
CVE-2022-22824
2022-01-24 17:32:45
osv
osv
CVE-2022-22824
2022-01-10 14:12:56
Moderate: xmlrpc-c security update
2022-11-08 00:00:00
Moderate: xmlrpc-c security update
2022-11-08 06:26:32
prion
prion
Integer overflow
2022-01-10 14:12:00
cbl_mariner
cbl_mariner
CVE-2022-22824 affecting package expat for versions less than 2.4.3-1
2022-04-09 06:51:43
CVE-2022-22824 affecting package expat 2.4.1-2
2022-01-26 22:53:38
cve
cve
CVE-2022-22824
2022-01-10 14:12:56
veracode
veracode
Integer Overflow
2022-01-11 06:52:01
nessus
nessus
F5 Networks BIG-IP : Expat vulnerabilities (K23421535)
2022-05-01 00:00:00
Photon OS 3.0: Expat PHSA-2022-3.0-0353
2024-07-24 00:00:00
Amazon Linux 2 : expat (ALAS-2022-1809)
2022-07-15 00:00:00
ubuntucve
ubuntucve
CVE-2022-22824
2022-01-10 00:00:00
f5
f5
ibm
ibm
photon
photon
Critical Photon OS Security Update - PHSA-2022-0353
2022-01-19 00:00:00
Critical Photon OS Security Update - PHSA-2022-3.0-0353
2022-01-19 00:00:00
Critical Photon OS Security Update - PHSA-2022-0462
2022-01-22 00:00:00
amazon
amazon
Medium: expat
2022-06-30 23:38:00
Medium: expat
2022-07-06 03:09:00
rocky
rocky
xmlrpc-c security update
2022-11-08 06:26:32
expat security update
2022-03-16 15:13:06
redhat
redhat
(RHSA-2022:7692) Moderate: xmlrpc-c security update
2022-11-08 06:26:32
(RHSA-2022:0951) Important: expat security update
2022-03-16 15:13:06
(RHSA-2022:1069) Important: expat security update
2022-03-28 08:42:24
oraclelinux
oraclelinux
xmlrpc-c security update
2022-11-15 00:00:00
expat security update
2022-03-16 00:00:00
expat security update
2022-03-28 00:00:00
almalinux
almalinux
Moderate: xmlrpc-c security update
2022-11-08 00:00:00
Important: expat security update
2022-03-16 00:00:00
slackware
slackware
[slackware-security] expat
2022-01-16 21:48:11
mageia
mageia
Updated expat packages fix security vulnerability
2022-01-25 15:13:11
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0031)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:14878-1)
2022-01-26 00:00:00
openSUSE: Security Advisory for expat (openSUSE-SU-2022:0178-1)
2022-02-08 00:00:00
suse
suse
Security update for expat (important)
2022-01-25 00:00:00
hp
hp
Expat Library update for Teradici PCoIP Software and Firmware
2022-04-11 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package expat version 2.4.3-alt1
2022-01-31 00:00:00
debian
debian
[SECURITY] [DLA 2904-1] expat security update
2022-01-30 21:42:20
[SECURITY] [DSA 5073-1] expat security update
2022-02-12 13:32:08
cloudfoundry
cloudfoundry
USN-5288-1: Expat vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
ubuntu
ubuntu
Expat vulnerabilities
2022-02-21 00:00:00
xmltok library vulnerabilities
2022-07-19 00:00:00
centos
centos
expat security update
2022-03-29 22:31:03
cloudlinux
cloudlinux
Fixed 13 CVEs in expat
2022-08-17 18:50:48
ics
ics
Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products
2023-10-05 12:00:00
Siemens SINEMA Remote Connect Server
2022-06-16 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
aix
aix
AIX is affected by multiple vulnerabilities in Python
2022-07-28 13:12:18
gentoo
gentoo
Expat: Multiple Vulnerabilities
2022-09-29 00:00:00
avleonov
avleonov
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.015
Percentile
87.1%
Related for ALPINE:CVE-2022-22824