Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-25315HistoryFeb 18, 2022 - 5:15 a.m.
CVE-2022-25315
2022-02-1805:15:08
Alpine Linux Development Team
security.alpinelinux.org
24
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.02 Low
EPSS
Percentile
88.9%
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.12-main | noarch | expat | < 2.2.10-r2 | UNKNOWN |
| Alpine | 3.13-main | noarch | expat | < 2.2.10-r4 | UNKNOWN |
| Alpine | 3.14-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.19-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
| Alpine | 3.20-main | noarch | expat | < 2.4.5-r0 | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2022-25315
2022-02-21 05:20:45
ubuntucve
ubuntucve
CVE-2022-25315
2022-02-18 00:00:00
githubexploit
githubexploit
Exploit for Integer Overflow or Wraparound in Libexpat Project Libexpat
2022-05-11 09:31:06
Exploit for Integer Overflow or Wraparound in Libexpat Project Libexpat
2022-05-12 11:07:10
Exploit for Integer Overflow or Wraparound in Libexpat Project Libexpat
2023-04-06 05:42:39
cnvd
cnvd
Expat integer overflow vulnerability (CNVD-2022-18355)
2022-02-22 00:00:00
osv
osv
CVE-2022-25315
2022-02-18 05:15:08
expat vulnerabilities and regression
2022-03-10 13:19:12
expat - security update
2022-03-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-02-20 22:19:21
cbl_mariner
cbl_mariner
CVE-2022-25315 affecting package expat for versions less than 2.4.8-1
2022-04-26 20:17:03
CVE-2022-25315 affecting package expat 2.4.4-1
2022-03-09 18:31:42
amazon
amazon
Important: expat
2022-03-07 23:17:00
Important: expat, thunderbird
2022-03-07 23:31:00
Important: thunderbird
2022-04-25 22:56:00
cve
cve
CVE-2022-25315
2022-02-18 05:15:08
nessus
nessus
Amazon Linux 2 : expat (ALAS-2022-1759)
2022-03-08 00:00:00
Amazon Linux AMI : expat (ALAS-2022-1570)
2022-03-08 00:00:00
EulerOS 2.0 SP5 : expat (EulerOS-SA-2023-2143)
2023-06-09 00:00:00
nvd
nvd
CVE-2022-25315
2022-02-18 05:15:08
debiancve
debiancve
CVE-2022-25315
2022-02-18 05:15:08
prion
prion
Integer overflow
2022-02-18 05:15:00
cvelist
cvelist
CVE-2022-25315
2022-02-18 04:24:43
photon
photon
Critical Photon OS Security Update - PHSA-2022-0366
2022-02-28 00:00:00
Critical Photon OS Security Update - PHSA-2022-3.0-0366
2022-03-02 00:00:00
Critical Photon OS Security Update - PHSA-2022-0158
2022-02-28 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-2143)
2023-06-09 00:00:00
Fedora: Security Advisory for thunderbird (FEDORA-2023-99ba1917da)
2023-02-03 00:00:00
Fedora: Security Advisory for thunderbird (FEDORA-2023-97a977a96a)
2023-02-03 00:00:00
redhat
redhat
(RHSA-2022:1070) Important: expat security update
2022-03-28 08:46:43
(RHSA-2022:1068) Important: expat security update
2022-03-28 08:40:33
(RHSA-2022:1309) Important: expat security update
2022-04-11 15:03:41
oraclelinux
oraclelinux
expat security update
2022-05-06 00:00:00
firefox security update
2022-03-10 00:00:00
firefox security and bug fix update
2022-03-10 00:00:00
ubuntu
ubuntu
Expat vulnerabilities and regression
2022-03-10 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns due to Expat vulnerabilities
2022-04-29 19:27:25
cloudfoundry
cloudfoundry
USN-5320-1: Expat vulnerabilities and regression | Cloud Foundry
2022-04-21 00:00:00
f5
f5
redos
redos
ROS-20220225-01
2022-02-25 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: mingw-expat-2.4.6-1.fc35
2022-03-01 18:20:49
[SECURITY] Fedora 34 Update: mingw-expat-2.4.6-1.fc34
2022-03-01 18:37:17
suse
suse
Security update for expat (important)
2022-03-04 00:00:00
Security update for expat (important)
2022-07-06 00:00:00
mageia
mageia
Updated expat packages fix security vulnerability
2022-02-22 23:15:16
Updated firefox/nss/rootcerts packages fix security vulnerability
2022-04-29 01:46:19
Updated thunderbird packages fix security vulnerabilities
2022-04-29 01:46:19
slackware
slackware
[slackware-security] expat
2022-02-20 05:16:42
debian
debian
[SECURITY] [DLA 2935-1] expat security update
2022-03-07 13:35:55
[SECURITY] [DSA 5085-1] expat security update
2022-02-22 20:17:14
almalinux
almalinux
Important: mingw-expat security update
2022-11-08 00:00:00
Critical: firefox security update
2022-03-10 14:36:51
Important: thunderbird security update
2022-03-14 09:49:10
centos
centos
firefox security update
2022-03-29 13:53:09
thunderbird security update
2022-03-29 13:54:14
expat security update
2022-03-29 22:31:03
rocky
rocky
thunderbird security update
2022-03-14 09:49:10
firefox security update
2022-03-10 14:36:51
expat security update
2022-03-16 15:13:06
ics
ics
Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products
2023-10-05 12:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.02 Low
EPSS
Percentile
88.9%
Related for ALPINE:CVE-2022-25315