Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-25314HistoryFeb 18, 2022 - 5:15 a.m.
CVE-2022-25314
2022-02-1805:15:08
Alpine Linux Development Team
security.alpinelinux.org
17
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.2 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.7%
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | expat | < 2.2.10-r2 | UNKNOWN |
| Alpine | 3.13-main | noarch | expat | < 2.2.10-r4 | UNKNOWN |
| Alpine | 3.14-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.19-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.20-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
Related
nvd
nvd
CVE-2022-25314
2022-02-18 05:15:08
prion
prion
Integer overflow
2022-02-18 05:15:00
cvelist
cvelist
CVE-2022-25314
2022-02-18 04:25:11
debiancve
debiancve
CVE-2022-25314
2022-02-18 05:15:08
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in libexpat (CVE-2022-25314).
2023-01-12 21:59:00
ubuntucve
ubuntucve
CVE-2022-25314
2022-02-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-02-20 22:19:59
githubexploit
githubexploit
Exploit for Integer Overflow or Wraparound in Libexpat Project Libexpat
2022-05-11 09:11:39
osv
osv
Vulnerability: external/expat (size_t)
2022-09-01 00:00:00
CVE-2022-25314
2022-02-18 05:15:08
Moderate: expat security update
2022-06-30 00:00:00
cbl_mariner
cbl_mariner
CVE-2022-25314 affecting package expat 2.4.4-1
2022-03-09 18:31:42
CVE-2022-25314 affecting package expat for versions less than 2.4.8-1
2022-04-26 20:17:03
redhatcve
redhatcve
CVE-2022-25314
2022-02-21 05:22:04
cnvd
cnvd
Expat integer overflow vulnerability (CNVD-2022-18353)
2022-02-22 00:00:00
cve
cve
CVE-2022-25314
2022-02-18 05:15:08
redhat
redhat
(RHSA-2022:5244) Moderate: expat security update
2022-06-28 08:27:13
(RHSA-2022:5314) Moderate: expat security update
2022-06-28 10:52:05
(RHSA-2022:7811) Important: mingw-expat security update
2022-11-08 06:30:08
nessus
nessus
Oracle Linux 8 : expat (ELSA-2022-5314)
2022-06-30 00:00:00
NewStart CGSL MAIN 6.02 : expat Multiple Vulnerabilities (NS-SA-2022-0104)
2022-12-19 00:00:00
Rocky Linux 8 : expat (RLSA-2022:5314)
2023-11-07 00:00:00
almalinux
almalinux
Moderate: expat security update
2022-07-01 00:00:00
Moderate: expat security update
2022-06-30 00:00:00
Important: mingw-expat security update
2022-11-08 00:00:00
rocky
rocky
expat security update
2022-06-28 10:52:05
oraclelinux
oraclelinux
expat security update
2022-06-30 00:00:00
expat security update
2022-06-30 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0366
2022-02-28 00:00:00
Critical Photon OS Security Update - PHSA-2022-3.0-0366
2022-03-02 00:00:00
Critical Photon OS Security Update - PHSA-2022-0158
2022-02-28 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-5320-1)
2022-03-11 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2022-04f206996b)
2022-03-02 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:0713-1)
2022-03-05 00:00:00
cloudfoundry
cloudfoundry
USN-5320-1: Expat vulnerabilities and regression | Cloud Foundry
2022-04-21 00:00:00
ubuntu
ubuntu
Expat vulnerabilities and regression
2022-03-10 00:00:00
debian
debian
[SECURITY] [DSA 5085-1] expat security update
2022-02-22 20:17:14
redos
redos
ROS-20220225-01
2022-02-25 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: mingw-expat-2.4.6-1.fc35
2022-03-01 18:20:49
[SECURITY] Fedora 34 Update: mingw-expat-2.4.6-1.fc34
2022-03-01 18:37:17
suse
suse
Security update for expat (important)
2022-03-04 00:00:00
Security update for expat (important)
2022-07-06 00:00:00
mageia
mageia
Updated expat packages fix security vulnerability
2022-02-22 23:15:16
slackware
slackware
[slackware-security] expat
2022-02-20 05:16:42
ics
ics
Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products
2023-10-05 12:00:00
Siemens SINEMA Remote Connect Server
2022-06-16 12:00:00
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
aix
aix
AIX is affected by multiple vulnerabilities in Python
2022-07-28 13:12:18
gentoo
gentoo
Expat: Multiple Vulnerabilities
2022-09-29 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
Oracle Critical Patch Update Advisory - April 2023
2023-04-18 00:00:00
avleonov
avleonov
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.2 High
AI Score
Confidence
High
0.009 Low
EPSS
Percentile
82.7%
Related for ALPINE:CVE-2022-25314